See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/354365978
SUPPLEMENTARY LECTURE NOTE ON FORENSIC ACCOUNTING & FRAUD
MANAGEMENT
Book · September 2021
CITATIONS
READS
0
7,024
1 author:
Godwin Emmanuel Oyedokun
Lead City University Ibadan
199 PUBLICATIONS 540 CITATIONS
SEE PROFILE
Some of the authors of this publication are also working on these related projects:
Informal sector tax administration and monitoring in Nigeria View project
forensic accounting View project
All content following this page was uploaded by Godwin Emmanuel Oyedokun on 08 August 2022.
The user has requested enhancement of the downloaded file.
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE NOTE
ON
FORENSIC ACCOUNTING, AUDIT, INVESTIGATION & FRAUD MANAGEMENT
Professor Godwin Emmanuel Oyedokun
ND (Fin), HND (Acct.), BSc. (Acct. Ed), BSc (Fin.), LLB., MBA (Acct. & Fin.), MSc. (Acct.), MSc. (Bus &Econs), MSc. (Fin), MSc. (Econs), PhD (Acct), PhD
(Fin), PhD (FA), CICA, CFA, CFE, CIPFA, CPFA, CertIFR, ACS, ACIS, ACIArb, ACAMS, ABR, IPA, IFA, MNIM, FCA, FCTI, FCIB, FCNA, FCFIP,
FCE, FERP, FFAR, FPD-CR, FSEAN, FNIOAIM
godwinoye@yahoo.com; godwin.oyedokun@lcu.edu.ng
+2348033737184, & +2348132445878
Cite this Lecture note as follows:
Oyedokun, G. E. (2020). Fundamentals of forensic accounting & fraud Investigation. 2nd Edition, Lagos,
Nigeria. Association Forensic Accounting Researchers (AFAR). ISBN: 978-978-56462-6-9
COURSE DESCRIPTION
This course is packaged to expose students to the basic knowledge of Forensic Accounting, and it will
be conducted largely on a seminar basis with intensive discussion given to contemporary issues in
forensic accounting and fraud examination. The course is designed primarily to expose students to
forensic accounting and fraud examination at an advanced level by deepening the knowledge of
students in forensic thereby widening their view on the subject matter.
COURSE OBJECTIVE
At the end of this course therefore, students should be able to:
1. Explain the basic concept of Forensic Accounting;
2. Be able to relate and distinguish between forensic accounting, auditing, and investigation;
3. Explain the importance of the roles of forensic accounting in fraud detection, investigation,
and fraud risk assessment in an organization;
4. Understand the need for the adoption of forensic accounting techniques in resolving the
problem of financial crimes and cyber-crime in Nigeria.
COURSE CONTENTS
INTRODUCTION TO FORENSIC ACCOUNTING
1.
2.
3.
4.
5.
1
Concept of Forensic Accounting
Objective of Forensic Accounting
Justification for Forensic Accounting
Forensic Accounting Skill Set
Forensic Accounting Engagements
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
FRAUD EXAMINATION/INVESTIGATION
1.
2.
3.
4.
5.
Concept of Fraud Examination/Investigation
Anatomy of Fraud
Fraudulent Financial Reporting
Fraud Theories
Fraud Deterrence Cycle
FORENSIC ACCOUNTING OPERATIONS
1.
2.
3.
4.
Planning the Audit and formation of robust action plan
Forensic Accounting Techniques
Data Mining
Evidence Gathering
CREATIVE ACCOUNTING
1. Concepts in Creative Accounting
a. Creative Accounting
b. Window Dressing
c. Earnings Management
d. Aggressive Accounting
e. Accounts Manipulation
f. Profit Smoothing
g. Fraudulent Financial Statement
h. Fraudulent Financial Reporting
2. Implications of Creative Accounting
3. Ethical Issues in Creative Accounting
4. Curbing Creative Accounting
FORENSIC ACCOUNTING INVESTIGATIONS
1. Concept of Investigation
2. Types of Investigation
a. Interview
b. Interrogation
3. Techniques in Investigation
4. Forensic Investigation
5. Formation of Investigation Team
6. Forensic Investigation Evidence
FORENSIC AUDITING
1.
2.
3.
4.
5.
2
Concept of Forensic Auditing
Principles of Forensic Auditing
Legal Liability and Rule-Based Practice from Performance Audit
Forensic Auditing practice, engagement and application
Techniques and Challenges of Forensic Auditing
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
MONEY LAUNDERING
1.
2.
3.
4.
5.
6.
Concept of Money Laundering
Economic and Social Impact of Money Laundering
Methods of Money Laundering
Fraud and Money Laundering
Financial Institution and Money Laundering
Investigating Money Laundering
DIGITAL FORENSICS
1. Concept of Digital Forensics
2. Computer Forensics
3. Terminology in Computer Forensics
4. Techniques in Computer Forensics
5. Uses of Computer Forensics
6. Guidelines of Digital Forensics
7. Tools of Digital Forensics
8. Stages in Digital Forensics
9. Digital Forensic and other Disciplines
10. Issues facing Digital Forensics
11. Concept of Cloud Computing
12. Digital Evidence: Uses and Control
13. Data Recovery and control
14. Electronic Mail Investigation
15. Computer Networking and Investigation
16. Cyber Crime Investigation
EVIDENCE AND EVIDENCE HANDLING TECHNIQUES
1.
2.
3.
4.
5.
6.
7.
8.
Concept of Evidence
Forms of Evidence
Types of Evidence
Admissibility of Evidence
Evidence Collection Process
Evidence gathering procedure
Best Evidence Rule
Electronic Evidence Rule
FORENSIC REPORT WRITING AND TECHNIQUES
1.
2.
3.
4.
5.
3
Reporting the outcome of investigation
Expert Report
Standards of Reporting
Rule of Guilt and Innocence
Contents of Forensic Report
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
6.
7.
8.
9.
4
Prof. Godwin E. Oyedokun
Report Discovery
Attorney-Client Doctrine
Avoidable Mistakes in Report Writing
Guidelines to writing an Expert Report
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 1
INTRODUCTION TO FORENSIC ACCOUNTING
INTRODUCTION
It is important to state that Audit, investigation and Forensic Accounting are not the same.
However, one can help lead to the other. Also, Forensic Accounting takes end position. Investigation can
never take first position. It is only necessary when the situation is shrouded in complexity. But taking
Forensic Accounting routes is inevitable.
Audit is also the one that takes the lead. It's just to exam and report.
Forensic accounting plays a vital role in preventing, detecting and minimising accounting frauds and
eliminating their existence in an organisation. The role of forensic accountants in combating frauds and
other related financial crimes both in the private and the public sectors cannot be overemphasized.
Hence, forensic accountants must possess the requisite accounting, auditing, and investigative skills in order
to provide evidence suitable for use in the court when fraud exists within an organization.
However, the procedures for a thorough forensic audit demands a high level of understanding in the
provision of auditing, investigations techniques, accounting rules, wide economic references and other legal
obligations.
Forensic accountants draw conclusions which calculate values and identify irregular or suspicious
transactions by critically analysing the financial data.
They provide an accounting analysis to the court of law for any dispute resolution and the economic
investigative explanations of the fraud that has been committed.
FORENSIC ACCOUNTING
Forensic accounting has risen to prominence because of increased financial frauds are popularly known as
white collar crimes. Forensic accounting can be described as a specialized field of accountancy which
investigates fraud and analyze financial information to be used in legal proceedings. Forensic accounting
5
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
uses accounting, auditing, and investigative skills to conduct investigations into theft and fraud. It
encompasses both Litigation Support and Investigative Accounting.
Forensic accounting, forensic accountancy or financial forensics is the specialty practice area of accounting
that describes engagements that result from actual or anticipated disputes or litigation. "Forensic" means
"suitable for use in a court of law", and it is to that standard and potential outcome that forensic accountants
generally have to work. Forensic accountants, also referred to as forensic auditors or investigative auditors,
often have to give expert evidence at the eventual trial (ICMAI, 2014).
According to the Journal of Forensic Accounting, “Forensic accounting is sufficiently thorough and
complete so that an accountant, in his/ her considered independent professional judgment, can deliver a
finding as to accounts, inventories, or the presentation thereof that is of such quality that it would be
sustainable in some adversarial legal proceeding, or within some judicial or administrative review.”
Forensic accounting falls within the context of our environmental needs. That is, to give forensic assistance
in accounting issues. This is very vital in the environment that is flooded with fast moving businesses and
polluted with politicians who have powers to corrupt well-meaning businessmen. This normally happens
in detriment of well-planned public projects that are roughly implemented.
In terms of qualities of a forensic accountant, Fitzhugh (2010) mentioned that by the nature of the job,
forensic accounting favours individuals who have prior work experience in fields like law enforcement and
auditing. Maturity and prior professional knowledge give forensic accountants a frame of reference to
utilizing their professional judgment and frequently a "gut" instinct developed from years of experience.
Definitions of Forensic Accounting
KPMG (1999) defines forensic accounting as assistance in disputes which are likely to involve litigation,
arbitration, expert determination, mediation or an enquiry by an appropriate regulatory authority, and
investigation of suspected frauds, irregularity or impropriety which could potentially lead to civil, criminal
or disciplinary proceedings; while focusing primarily on accounting issues.
Chilvers (2000) defined “Forensic Accounting” as the use of investigative techniques, integrated with
accounting and business skills, to develop information and opinions for evidence in court and for use by
expert witnesses.
6
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Forensic accounting is recognized as a form of professional expertise and endowed with specific attributes;
the recognition comes from possessing a formal certification in forensic accounting which provides
symbolic value (Williams, 2002).
Forensic accounting is the specialty area of the accountancy profession which describes engagements that
result from actual or anticipated disputes or litigation. “Forensic” means “suitable for use in a court of law,”
and it is to that standard and potential outcome that forensic accountants generally should work (Crumbley,
Heitger, & Smith, 2005).
In the view of Howard and Sheetz (2006), forensic accounting is the process of interpreting, summarizing
and presenting complex financial issues clearly, succinctly and factually often in a court of law as an expert.
Degboro and Olofinsola (2007) noted that forensic investigation is about the determination and
establishment of fact in support of the legal case. That is, to use forensic techniques to detect and investigate
a crime is to expose all its attending features and identify the culprits. Due to the common nature of the
various definitions reside in the areas of litigation services, accounting investigation and preparing courtready evidence all of which are of great importance to the banking industry.
Forensic accounting may be one of the most effective and efficient ways to reduce and prevent fraudulent
activities as it is concerned with the evidentiary nature of accounting data, and as a practical field concerned
with:
i.
Accounting fraud and forensic auditing;
ii.
Compliance,
iii.
Due diligence and risk assessment;
iv.
Detection of financial misrepresentation and financial statement fraud (Skousen & Wright, 2008).
Forensic accounting is that aspect of accounting that provides analysis that is suitable to the court which
will form the basis for discussion debate and ultimately disputes resolution (Wallace, 1991).
However, Forensic accounting is different from the old debit and credit accounting as it provides an
accounting analysis that is suitable to the organization which will help in resolving the disputes that arise
in the organization (Mohammed, 2008).
Hopwood, Leiner, and Young (2008) argued that forensic accounting is the application of investigative and
analytical skills for resolving financial issues in a manner that meets standards required by courts of law.
7
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Forensic accounting is a science dealing with the application of accounting facts and concepts gathered
through auditing methods, techniques and procedures to resolve legal problems which require the
integration of investigative, accounting, and auditing skills (Arokiasamy & Cristal, 2009; Dhar & Sarkar,
2010).
Dhar and Sarkar (2010) defined forensic accounting as the application of accounting concepts and
techniques to legal problems. It demands reporting, where accountability of the fraud is established and the
report is considered as evidence in the court of law or in administrative proceedings. It is concerned with
the use of accounting discipline to help determine issues of facts in business litigation (Okunbor & Obaretin,
2010).
Forensic accounting is a discipline that has its own models and methodologies of investigative procedures
that search for assurance, attestation and advisory perspective to produce legal evidence. It is concerned
with the evidentiary nature of accounting data, and as a practical field concerned with accounting fraud and
forensic auditing; compliance, due diligence and risk assessment; detection of financial misrepresentation
and financial statement fraud; tax evasion; bankruptcy and valuation studies; violation of accounting
regulation (Dhar and Sarkar, 2010).
Stanbury and Paley-Menzies (2010) stated that forensic accounting is the science of gathering and
presenting information in a form that will be accepted by a court of jurisprudence against perpetrators of
economic crime. The America Institute of Certified Public Accountants (AICPA) defines forensic
accounting as services that involve the application of specialized knowledge and investigative skills
possessed by Certified Public Accountants. Forensic accounting services utilize the practitioner’s
specialized accounting, auditing, economic, tax, and other skills (AICPA 2010).
Singleton and Singleton (2010), said forensic accounting is the comprehensive view of a fraud
investigation. It includes preventing frauds and analyzing antifraud control which includes the gathering of
nonfinancial information.
According to the Institute of Forensic accountancy (IFA) of Nigeria, forensic accounting is the specialty
practice of accounting that describes engagement that results from anticipated disputes or litigations.
Forensic accounting to the Webster’s dictionary means’ belonging to use in or suitable to court to
jurisdiction or to public discussion debate. Forensic audit or forensic accounting can be used
8
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
interchangeably; forensic accountants often should give expert evidence at the eventual trial. All of the
larger accounting firms, as well as many medium sized and boutique firms, have a specialist forensic
accounting department, within this groups, there may be further sub-specialization for example, some
forensic accountant may just specialize in insurance claims, personal injury claims, fraud construction or
royalty audit (Timbee, 2011).
According to Oyedokun (2013), forensic accounting is said to be a scientific accounting method of
uncovering, resolving, analysing and presenting fraud matters in a manner that is acceptable in the court
of law. This has been criticized as not covering the intent of forensic accounting and its full scope.
Limiting the definition of forensic accounting to fraud matters skewed it too close to the meaning of fraud
examination or fraud investigation.
Notwithstanding all about definition of forensic accounting, Oyedokun (2018) give a compressive
definition of forensic accounting as “as a scientific accounting method of uncovering, analysing, resolving
and presenting fraud and white-collar crime matters in a manner that produces admissible evidence
which is capable of proving or disproving facts in issue suitable in the court of law”.
Similarly, in his study, Oyedokun (2018) contributed to the existing knowledge in terms of forensics
concepts, where new definitions were brought forward as a result of the findings herein. These are tax
accounting, forensic taxation, forensic tax audit, forensic tax investigation, and forensic tax justice among
others.
These are briefly discussed below:
a.
Forensic Tax Accounting: Forensic tax accounting is the forensic accounting processes that focus
on tax issues including ensuring correct filing of tax returns and planning for future tax responsibilities - as
opposed to the preparation of financial statements. Forensic tax accounting is a specialized field of forensic
and accounting where accountants focus on the preparation of tax returns as well as tax planning for future
taxable years while considering the skills in preparation of financial accounting and having in mind that the
report could be used in court (Tax Appeal Tribunal).
b.
Forensic Taxation: Forensic taxation is the application of taxation skills, accounting skills,
auditing skills and investigative skills for the purpose of ensuring that the taxes due by taxpayers are
9
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
adequately assessed, collected, accounted for and that taxpayers remit their tax returns to the tax authorities
as at when due in a manner suitable to law.
c.
Forensic Tax Audit: Forensic tax audit is the integration of taxation skills, auditing skills,
accounting skills and investigative skills by tax authorities in examining taxpayers’ tax affairs, closely and
verifying that the income and deductions are accurate stated.
d.
Forensic Tax Investigation: Forensic tax investigation is the application of auditing skills,
accounting skills and investigative skills in taxation by tax authorities for an in-depth examination in tax
affairs of the taxpayers, in order to uncover and recover tax undercharged in previous years of assessment.
e.
Forensic Tax Justice: Forensic tax justice is the application of taxation and forensic investigative
skills in ensuring that those charged with governance of stated are examined with a view to reinstating the
utilisation of tax revenue in a manner that brings about development in the state.
The role of a Forensic Accountant as follows:
1.
Investigating financial accounts for illegal activity such as white-collar crime.
2.
Interprets findings of an investigation to determine if there's a problem.
3.
Examines financial data regarding alleged criminal activity such as fraud, money laundering, illegal
transactions, and embezzlement.
4.
These financial records may include bank accounts, records, or financial transactions.
5.
Using knowledge of the law and accounting to determine whether there is fraudulent activity.
6.
Working with law enforcement, private investigators or lawyers while conducting investigations.
7.
Testifies in court about the investigation.
8.
Assist the courts, solicitors, and clients to understand the complex financial and accounting issues
and presenting that information in a manner that all users can understand.
Forensic Accountants helps at a number of different levels in the litigation process including:
i.
Assisting in initial discovery
ii.
Applying our commercial knowledge and expertise
iii.
Providing expert evidence both written and oral
iv.
Independence
v.
Criminal Investigations
vi.
Shareholders' and Partnership Disputes
vii.
Personal Injury Claims/Motor Vehicle Accidents
10
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
viii.
Business Interruption/Other Types of Insurance Claims
ix.
Business/Employee Fraud Investigations
x.
Matrimonial Disputes
xi.
Business Economic Losses
xii.
Professional Negligence
xiii.
Mediation and Arbitration
Prof. Godwin E. Oyedokun
Competencies Required by a Forensic Accountant
A set of competencies required by a forensic accountant have been identified. These skills include
i.
Good analytical skills
ii.
Creative thinking skill,
iii.
Strong knowledge of the legal environment
iv.
Unstructured problem-solving competence,
v.
Investigative flexibility,
vi.
Analytical proficiency including oral communication ability, written communication ability,
vii.
Practical business experience
A forensic accountant is expected to have competence in a broad spectrum of disciplines including
accounting, law, auditing, criminology, and information technology and communication skills.
Application of Forensic Accounting by Forensic Accountants
Forensic Accounting may be conducted into the following:
i.
Fraud and white-collar crime investigations;
ii.
Criminal and civil investigations;
iii.
Preparation of expert reports, reviews, and evidence;
iv.
Testifying as an expert witness;
v.
Insolvency and liquidation support investigation;
vi.
Fraud prevention and awareness strategies;
vii.
Fraud and fund tracing;
viii.
Civil and criminal actions regarding fraud and financial irregularities;
ix.
Breach of contract;
x.
Breach of warranty, particularly on company acquisitions;
xi.
Insurance claims;
xii.
Liquidation support;
11
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
xiii.
Regulatory enquiries;
xiv.
Special and confidential investigations;
xv.
Financial Surveillance
xvi.
Anti-Money Laundering Programs
xvii.
Fraud and risk management surveys and reports
xviii.
Background checks
Prof. Godwin E. Oyedokun
A forensic accounting engagement and investigation is typically substantially longer than any other
investigation. Continuity of staff on the part of the client is therefore often difficult to maintain.
This makes it more essential that the forensic accountant conducts his work in a manner which is concise,
detailed document.
Please let me know if there is any question.
Take it easy, read at your time, attend to Quizzes a d Examination Questions as much as possible
12
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 2
FRAUD EXAMINATION AND INVESTIGATION
The increasing incidence of fraud, fraudulent activities, and corrupt practices in Nigeria and around the
world has necessitated the relevance of forensic accounting. Forensic accounting arises because the audit
system in an organization had failed to detect certain errors. Forensic accounting covers all activities
involved in fraud investigation, forensic accounting investigation and forensic audit. Forensic accountants
are employed to look into the possible suspicion of fraudulent activities or hired by a company who may
just want to prevent fraudulent activities from occurring.
Definition of Fraud
According to the Institute of Turkish History (1998), fraud means a deceptive trick, scam, game artifice,
cabal which is committed to cheating, mislead someone and contributing something useless to something
in order to gain an advantage. According to Arzova (2003), fraud is meant to create a misjudgment or
maintain an existing misjudgment to induce somebody to make a contract. However, one should not mix
fraud with fault, which means “wrong, mistake, error committed involuntarily and unconsciously”. Fault
stems from the deficiencies originated from a person or an environment. Therefore, intention is the most
important element which distinguishes fraud from fault.
Fraud can be referred to as intentional act of using an unfair or dishonest act to illegally deprive another
person or entity of money, assets, or legal rights which includes misappropriation, and misrepresentation
or non-disclosure of a material fact. According to Black’s Law Dictionary, fraud is “a knowing
misrepresentation of the truth or concealment of a material fact to induce another to act to his or her
detriment.”
Elements of Fraud
There are basically 4 elements that prove the commission of fraud. They are:
A misrepresentation or non-disclosure of a material fact: non-disclosure or misrepresentation of
material fact is the major element and necessary condition that proves the commission of a fraud (Fraud
Examiner’s Manual, 2020).
Knowledge of falsehood: There must be knowledge of misleading and non-disclosure of the fact.
13
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Intention to deceive: There must be an intentional act to conceal or misrepresent facts.
Actual loss or injury suffered: There must be loss or injury suffered by the victim as a result of relying
on the deception or misrepresentation of the fraudster. However, for some fraudulent acts, this might not
be necessary.
Different types of fraudsters
Fraudsters usually fall into one of three categories:
1.
Pre-planned fraudsters, who start out from the beginning intending to commit fraud. These can be
short-term players, like many who use stolen credit cards or false social security numbers; or can be longerterm, like bankruptcy fraudsters and those who execute complex money laundering schemes.
2.
Intermediate fraudsters, who start off honest but turn to fraud when times get hard or when life
events, such as irritation at being passed over for promotion or the need to pay for care for a family member,
change the normal mode.
3.
Slippery-slope fraudsters, who simply carry-on trading even when, objectively, they are not in a
position to pay their debts. This can apply to ordinary traders or to major business-people
Fraud may also be categorized into three groups, namely;
i.
Internal: Internal fraud relates to those committed by members of staff and directors of the
organizations.
ii.
External fraud: external fraud is committed by persons not connected with the organization and
iii.
Mixed fraud: this involves outsiders colluding with the staff and directors of the organization.
Fraud Examination
Fraud examination is the methodology of resolving allegations from inception to disposition including
obtaining evidence, interviewing suspects, writing reports and assisting in detection and deterrence of fraud
(ACFE, 2022). Fraud examination draws its common body of knowledge from four areas: accounting and
auditing, fraud investigation, legal elements of fraud and criminology.
It is hereby recommended that all would be forensic accountants/investigators, fraud/forensic auditors,
statutory auditors, and investigative accountants should be well equipped with forensic accounting
techniques in obtaining admissible evidence suitable for litigation purposes. All fraud investigations are
forensic accounting investigation but not all forensic accounting investigations are a fraud investigation.
This is where forensic accountant and fraud examiners come in. Certified Fraud Examiners are currently in
14
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
great demand, with the public need for honesty, fairness and transparency in reporting increasing
exponentially.
Fraud Investigation
Fraud investigation deals with the investigation of fraudulent activities. The outcome of fraud investigation
may or may not be used for legal purposes. Fraud investigation is often associated with the investigation of
criminal matters. All fraud investigations are forensic accounting investigation but not all forensic
accounting investigations are a fraud investigation. Forensic accounting is the umbrella that covers fraud
investigation, forensic accounting investigation and forensic audit.
Fraud alerts
Fraud alerts have been described as specific events or red flags, which may be indicative of fraud. A list of
possible fraud alerts is provided below. This should not be considered an exhaustive list, as alerts will
appear in many different guises according to circumstances.
i.
Anonymous emails/letters/telephone calls.
ii.
Emails sent at unusual times, with unnecessary attachments, or to unusual destinations.
iii.
Discrepancy between earnings and lifestyle.
iv.
Unusual, irrational, or inconsistent behaviour.
v.
Alteration of documents and records.
vi.
Extensive use of correction fluid and unusual erasures.
vii.
Photocopies of documents in place of originals.
viii.
Rubber Stamp signatures instead of originals.
ix.
Signature or handwriting discrepancies.
x.
Missing approvals or authorisation signatures.
xi.
Transactions initiated without the appropriate authority.
xii.
Unexplained fluctuations in stock account balances, inventory variances and turnover rates.
xiii.
Inventory adjustments.
xiv.
Subsidiary ledgers, which do not reconcile with control accounts.
xv.
Extensive use of ‘suspense’ accounts.
xvi.
Inappropriate or unusual journal entries.
xvii.
Confirmation letters not returned.
xviii.
Supplies purchased in excess of need.
xix.
Higher than average number of failed login attempts.
xx.
Systems being accessed outside of normal work hours or from outside the normal work area.
xxi.
Controls or audit logs being switched off.
15
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
ANTI-FRAUD TEAM
The anti-fraud teams according to Ekeigwe (2010) comprises of those that are responsible for controlling
and preventing fraud and as well prosecuting fraudsters as they include,
i.
Fraud Examiner: Also known as fraud investigator is a person who conducts civil and criminal
investigations to identify a scam. He tracks all the events and examines all the evidence in situations where
fraud may have been committed.
ii.
Auditors: They are those charged with the responsibility of examining and reporting on the
financial statements so as to detect any misappropriations or fraudulent practices.
iii.
Security: Usually a detective, they investigate what could be described as a traditional fraud
offences, such as banking fraud, insiders billing fraud, etc. They are usually armed in case of any
emergency.
iv.
Human Resource Personnel: They are those charged with the responsibility of implementing
strategies and policies that are capable of curbing fraudulent acts.
v.
Management Representative: This is a representative of the organization in which the
investigation is been carried out. He has a first-hand information concerning the issue investigated on.
vi.
Legal Counsel: They are those who give legal advice.
vii.
Information System personnel: They are those involved in processing data concerning the
investigation.
viii.
Accountants: Ovute, in one of his classes stated that “Accountants here examines the accounts and
records of an organization un behalf of a client for a special purpose in terms of business”.
Approaches to Forensic Accounting Assignment
Each forensic accounting assignment is unique and has a peculiar approach. In general, many forensic
accounting assignments will include the steps that must be carried out by forensic accountant and are
detailed below;
1.
Meet with the Client
It is very important to meet with the client in order to have a clear understanding of the important facts,
players and issues at hand.
2.
Perform Conflict Check
A conflict check should be carried out as soon as the relevant parties are established.
16
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
3.
Prof. Godwin E. Oyedokun
Perform Initial Investigation
Preliminary investigations should be carried out prior to the development of a detailed plan of action. This
will allow subsequent plans to be based upon a more complete understanding of the issue.
4.
Develop an Action Plan
This plan will take into account the knowledge gained by meeting with the client in carrying out the initial
investigation and will set out the objectives to be achieved and the methodology to be utilized to accomplish
them.
5.
Obtain the Relevant Evidence
Depending on the nature of the case this may involve locating documents, economic information, and asset,
a person or the company, another expert or proof of the occurrence of an event.
6.
Perform the Analysis
The actual analysis performed will be dependent upon the nature of the assignments and may involve:
i.
Calculating economic damages
ii.
Summarizing a large number of transactions
iii.
Performing a tracing of assets
iv.
Performing a present value calculation by utilizing appropriate discount rates
v.
Performing a regression or sensitivity analysis
vi.
Utilizing a computerized application such as a spreadsheet, database or computer model
vii.
Utilizing charts and graphics to explain the analysis
7.
Prepare the Report
Often a report will be prepared which may include sections on the nature of the assignment, scope of the
investigation, approach utilized, and limitations of scope and findings and/or opinions. The report will
include schedules and graphics necessary to properly support and explain the findings.
17
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 3
FORENSIC AUDITING
With the increase in fraudulent activities in financial accounting in the global economy, forensic auditing
has become an emerging discipline of great importance for academia and the real sector. Therefore,
determining how efficient and the extent to which forensic auditing are meeting up with the desired goal
needs to be taken into consideration.
Forensic auditing is perceived to have evolved in response to certain emerging fraud related cases. The
scandals that recently rocked the corporate world with classical examples.
The increasing sophistication of financial fraud requires that forensic auditing is added to the tools
necessary to bring about the successful investigation and prosecution of those individuals involved in
criminal activities.
Forensic accountants, also referred to as forensic auditors or investigative auditors, often have to give expert
evidence at the eventual trial.
The concept of Forensic Auditing
A forensic audit is summarizing and adapting investigative auditing, criminology, litigation services, and
financial skills in detecting fraud. The cumulative complexity of fraud requires that forensic auditing is
involved in the tools required to successfully investigate and prosecute cases of fraud and those involved
in fraudulent practices (Njanike, Dube & Mashayanye 2009). Fraud auditors are generally accountants or
auditors, who, by their attitudes, attribute, skills, knowledge, and experience, are experts at detecting and
documenting frauds in books of records of accounting and financial transactions and events.
Curtis (2008) argues that fraud can be subjected to forensic auditing, since fraud encompasses the
acquisition of property or economic advantage by means of deception, through either a misrepresentation
or concealment. Bhasin (2007) notes that the objectives of forensic auditing include:
i.
Assessment of damages caused by an auditor’s negligence,
ii.
Fact-finding to see whether an embezzlement has taken place, in what amount, and whether
criminal proceedings are to be initiated;
iii.
Collection of evidence in criminal proceedings; and
iv.
Computation of asset values in divorce proceedings.
18
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
He argues that the primary orientation of forensic auditing is explanatory analysis (cause and effect) of the
phenomenon- including the discovery of deception (if any), and its effects-introduced into the accounting
domain.
According to Bhasin (2007), forensic auditors are trained to look beyond the numbers and deal with the
business realities of situations. Analysis, interpretation, summarization and the presentation of complex
financial business-related issues are prominent features of the profession. He further reported that the
activities of forensic auditors involve:
i.
Investigating and analyzing financial evidence;
ii.
Developing computerized applications to assists in the analysis and presentation of financial
evidence;
iii.
Communicating their findings in the form of reports, exhibits and collections of documents; and
iv.
Assisting in legal proceedings, including testifying in courts as an expert witness and preparing
visual aids to support trial evidence.
Principles of Fraud Auditing
The following among others are principles of fraud auditing:
1.
Fraud auditing is unlike financial auditing. It is more a mind-set than a methodology.
2.
Fraud auditors are unlike financial auditors. Fraud auditors focus on exceptions, oddities,
accounting irregularities, and patterns of conduct, not on errors and omissions.
3.
Fraud auditing is learned primarily from experience, not from audit text books or last year’s work
papers. Learning to be a fraud auditor means learning to think like a thief— “Where are the weakest links
in this chain of internal controls?”
4.
From an audit perspective, fraud is intentionally misrepresenting financial facts of a material nature.
From the fraud-audit perspective, fraud is an international misrepresentation of finance facts.
5.
Frauds are committed for economic, egocentric, ideological, and psychotic reasons. Of the four,
the economic motive is the most.
6.
Fraud tends to encompass the theory structure around the motive, opportunity, and benefit
7.
Fraud is a computerized accounting environment can be committed at any state of processing input,
throughout, or output. Input frauds (entering false and fraudulent data) are the most common
8.
The most common fraudulent schemes by lower-level employees involve disbursement (payable,
payroll, and benefit and expense claims).
9.
The most common fraudulent schemes by higher-level managers involve “profit smoothing”
(deferring expenses, booking sales too early, overstating inventory).
19
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
10.
Accounting-type frauds are caused more often by the absence of controls than by loose controls.
11.
Fraud incidents are not growing exponentially, but lose are.
12.
Accounting frauds are discovered more often by accident than by financial audit purposes or design.
Over 90 per cent of financial frauds is discovered.
13.
Fraud prevention is a matter of adequate controls and works environment that places a high value
on personal honesty and fair dealing.
Application of Forensic Audit
It will be useful therefore to discuss forensic as being either “proactive or reactive”.
1.
Proactive Forensic: This audit helps businessmen to ensure that their processes stay robust, and it
can be viewed from different aspects depending on its application as discussed by Ezeilo (2010) below:
a.
Statutory Audit: In this case, auditing standard prescribe that internal control should be studied and
evaluated in respect of safeguarding assets and resources when performing regularity and financial audit,
and in assisting management in complying with laws and regulations when performing compliance
auditing.
b.
Regulatory Compliance: This technique is usually used by government departments or agencies to
access compliance with regulations governing payments or grants or subsides. Performance auditors could
also use this technique while auditing such governmental programs.
c.
Diagnostic Tool: Forensic auditing can be used either by management or by auditors to carry out
general reviews of activities to highlight risk arising either out of fraud or from any other source, with the
purpose of initiating focused reviews on particular areas and targeting specific threats to the organization.
d.
Investigation of Allegation: The techniques of forensic auditing are useful in this case, in the sense
that various complaints and allegations could be used as a guild for gathering evidence used in investigation.
This is cited as being proactive because it is widely felt that the existence of a system of investigation in
such cases is significant deterrent to fraud and corruption (Ezeilo, 2010).
2.
Reactive Forensic: The objective of this audit is to investigate cases of suspected fraud so as to
prove or disprove the suspicious and if proven, the person involved is to be identified; the findings are to
be supported by evidence, after which it is presented in an acceptable format in any subsequent discipline
or criminal proceedings (Ezeilo, 2010).
Due to the processes involved in reactive forensic audit, it is important therefore to keep in view the
following:
i.
Working relations with the investigating prosecuting agencies.
ii.
Authorization and control of the audit investigation.
20
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
iii.
Documentation of relevant information and safeguarding all prime records pertaining to the case.
iv.
Rules of evidence on government admissibility or authentication of records.
v.
Confidentiality of evidential document.
vi.
Evaluation of the evidence to assess whether the case is sustainable.
vii.
Legal advice where appropriate.
viii.
Reporting the findings in a manner that needs legal requirements.
Important aspects of Forensic Audit
i.
Recovery of data that has been deleted intentional or accidentally
ii.
Ensure that the digital evidence have not been damaged, changed or modified in any way as you
need to preserve the evidence in its original state.
iii.
Confirm the authenticity of the digital evidence.
iv.
Maintain the chain of custody of the evidence. Otherwise, it may become contaminated and
worthless for the case.
v.
Ability to determine the special and unique characteristics of a piece of evidence be it digital or
otherwise.
vi.
The use of forensic software and hardware in the gathering of digital evidence
Techniques of Forensic Audit
The following are the techniques involved in forensic accounting as espoused by ICMAI (2014)
i.
Benchmarking: comparing one financial period with another or the performance of one cost
Centre, or business unit, with another, overall business performance with its standards defined.
ii.
Ratio analysis: used to identify any abnormal trends and changes.
iii.
System analysis: to examine the systems in place and identifying any weaknesses that could be
opportunities for the fraudsters.
iv.
Specialist software: like audit tools for data matching analysis can prove very useful.
v.
Exception reporting: that generates automatic reports that unchangeable for results that fall
outside of predetermined threshold values, enabling immediate identification of results deviating from the
norms.
21
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 4
FORENSIC ACCOUNTING INVESTIGATIONS
Forensic accounting investigators take the position that the typical financial statement auditor may wait too
long before calling in the forensic accounting investigator. But no savvy auditor will fail to notice the
possibility of bias in the statement. The thoughtful and efficient use of forensic accounting investigators
often offers the right balance between conducting routine audits and investigating for possible fraud. A
predicate must exist before an investigation is undertaken.
A predicate is the totality of circumstances that would lead a reasonable, professionally trained, and prudent
individual to believe a fraud has occurred, is occurring, and/or will occur. Predication is the basis for
undertaking a fraud investigation. It would be inappropriate and a violation of the Association of Some
auditors may call in forensic accounting investigators at the slightest suspicion of fraud. Year after year,
they may bring in these forensic accounting investigators as the same client; their mindset is to consult early
and often not only with forensic accounting investigators but also with industry experts and the risk-andquality auditors who typically provide, from the center of major accounting firms, an internal consulting
service for audit teams in the field.
According to Hopwood, Leiner and Young (2012), the fraud investigation process involves systematically
gathering and reviewing evidence for the purpose of documenting the presence or absence of fraud. Fraud
investi¬gations normally commence as a result of some indication that fraud may have occurred. Forensic
Investigation and Forensic Audit are better forensic strategies in resolving the allegations of fraudulent
activities as signs of financial crime can be initially detected in a variety of ways; by accident, by whistleblowing, by auditors, by data mining, by controls and testing, or by the organization's top management
requesting an inspection on the basis of mere suspicion. In virtually all cases, the fraud investigator must
assume that the matter under investigation will eventually conclude in civil or criminal courts.
As a result, fraud investigations must be conducted systematically and with the utmost care from the very
beginning.
A forensic accounting investigation is a practice of lawfully establishing evidence and facts that are to be
presented in a court of law (Oyedokun, 2015b). The term is used for nearly all investigations, ranging from
cases of financial fraud to murder. When most people think about forensics, they think about crime scene
22
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
investigation, in which physical evidence is gathered. There are other forms of forensic investigation,
however, such as computer forensics and sub-fields that focus on dentistry or insects and crime scenes
(Taylor, 2017).
Concept of Investigations
The investigation is the act or process of investigating or the condition of being investigated. The
investigation is a searching inquiry for ascertaining facts; detailed or careful examination
(dictionary.reference.com). The investigation is a vital part of forensic accounting and auditing process but
only applied when the event or transaction is beclouded. It is carried out when lapse has been established
to ascertain who is responsible, the reason for the action including the extent of damage if any. It could be
referred to as a detailed verification and clarification of doubt about a transaction or event.
Forensic Investigation
Forensic accounting is investigative. Instead of seeking conformance, you are looking for outliers or
specific patterns. Generally, in support of some sort of legal process, the outcome is less general (an audit
report), and is generally useful as evidence in court regarding certain occurrences (where did my cash go;
why did this customer get 10% discounts; why am I paying three times the going rate for sand; etc.).
Forensic accounting is much more thorough and focused, principally to fully recognize a specific issue or
family of issues and often used in resolving disputes, including litigation support. Forensic accounting as
simplified by Oyedokun (2014) means effective evidence gathered by auditors which are appropriate for
use in a court of law and frequently used by government agencies.
Whereas forensics is principally conducted with an assumption that there may be something that has gone
wrong, and sufficient papers should be built up to establish the same. The primary purpose is evidence
collection to establish a possible misappropriation, misstatement or a fraud. Forensic accounting is designed
for use in a court of law, so forensic accountants develop evidence that cannot be shredded by opposing
lawyers. Forensic accounting investigators thus often have the task of conveying to all constituencies that
the results of the investigation will be more reliable if all participants and interested parties work together
and contribute their specific expertise or insight with truth-seeking objectivity.
Forensic investigations include lots of other accounting work designed to support legal action such as
disputes with ex-employees who were sacked because of allegations of incompetence; summarising the
effects of complicated financial transactions; business valuations needed for a messy divorce, family
disputes; finding deleted incriminating evidence on computers.
23
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Forensic investigation is the utilization of specialized investigative skills in carrying out an inquiry in such
a manner that the outcome will have an application to a court of law. Such forensic investigation may be
in accounting, computer, medicine, engineering or some other disciplines.
Phases in Engagement Approach to Forensic Accounting
Renick (2007) in his article “a Phased Engagement Approach to Forensic Accounting” opined that there
are several approaches to a forensic investigation. He recommended a phased engagement approach in
managing the investigation efficiently as its controls the engagement with decision points throughout the
process (Renick, 2007). The phases are as listed below:
Phase 1: Exploration and Evaluation
Before any work can begin, the client and the forensic accountant must define the problem, the issues
involved, and the scope of the engagement. Then a projection of the timeframe, cost, and expected
deliverables for each phase can be determined.
Phase 1 concludes with a report of preliminary findings, written or oral. The report should indicate what
additional information and documents are needed, a recommendation on how to proceed, and the
identification of any potential risks. These might include risks to the business from public disclosure or
government scrutiny, and to clients for their actions or inactions, as well as litigation risk. Forensic
accountants must bear in mind that all written communications may be subject to discovery.
At this point, a determination must be made whether to continue to phase 2 (i.e., expansion of scope) or to
conclude the engagement.
Phase 2: Expansion of Scope
Tracking and tracing: Phase 2 commences with specific document analysis. This analysis is more in-depth
than in phase 1; it will probably include a review of many more transactions, books, records, and documents
requested from the opposing side. Phase 2 may also include the verification of certain findings from third
parties.
Preparing the analysis: In preparing an analysis, it is important for a forensic accountant to trace transactions
from beginning to end as well as from end to beginning including reviewing supporting documentation.
One example would be a purchase. The beginning-to-end tracing may start with the request by the factory
24
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
foreman for certain materials. The tracing would include requisition and inventory logs, the purchase
journal, the accounts payable subsidiary ledger, the cash disbursements journal, and the general ledger. The
documents related to that request might include the materials requisition, the purchase order, the warehouse
receipts journal, the voucher payable, and the cancelled check (Oyedokun, 2015c).
Reconstruction of books and records: At times, the forensic accountant may have to reconstruct books and
records, or specific transactions, from whatever information is available. The specific information needed
may not be readily available or may not be in a form that the forensic accountant needs or can use.
Third-party verification and confirmation: At times, the forensic accountant may need to obtain third-party
verification to confirm matters that arise during the investigation. These third parties may include vendors,
customers, and banks.
The conclusion of Phase 2: Phase 2 concludes with the delivery of a report to the client. As compared to
the report issued in phase 1, the phase 2 report is almost always in writing and more formal. The report in
phase 2 should include detailed findings, any additional potential risks that the forensic accountant believes
are present, any additional information that might still be needed, and a recommendation as to whether the
forensic accountant believes there is sufficient evidence or information for the process to continue.
Like phase 1, a determination as to how to proceed must be made: whether to expand the investigation even
further, whether to seek depositions and further discovery, or whether to conclude the matter for lack of
sufficient cause or evidentiary matter, or because of potential risks.
Basic elements to consider for inclusion in a report of forensic investigation
i.
Identify your client
ii.
State in broad terms what you were asked to do
iii.
Describe your scope, including the period examined
iv.
Include mention of any restriction as to distribution and use of the report
v.
Identify the professional standards under which the work was conducted
vi.
Identify exclusions in the reliance on your report
25
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Forensic Audit Investigation Methodology
Forensic investigation is the utilization of specialized investigative skills in carrying out an inquiry
conducted in such a manner that the outcome will have an application to a court of law. Forensic
Investigators are being grounded in accounting, medicine, engineering or some other discipline.
Forensic investigation is the examination of evidence regarding an assertion to determine its
correspondence to established criteria carried out in a manner suitable to the court.
According to Umeraziz (2014), the methodologies are as follows:
1.
Analyzing data which is available
2.
Creating a hypothesis based on such data
3.
Testing the hypothesis
4.
Refining and altering the hypothesis
5.
Communicating Results
The Fraud Investigation Process
The fraud investigation process involves a series of four steps:
i.
The engagement process;
ii.
The evidence collection process;
iii.
The reporting process;
iv.
The loss recovery process
Consider Legal Issues in Forensic Investigation
Before an investigation is launched, the entity must consider any legal issues that could affect the scope
and manner of the investigation. Some examples include:
a.
Rights of Workers or Other Suspects under Investigation: These include any rights created by
applicable federal or state laws, employment contracts, and collective bargain-ing agreements that restrict
or define ways in which investigations must be conducted. For example, a collective bargaining agreement
might require that the entity give formal notice to an employee under investigation with the right of union
representation in any investigation related interviews or meetings between the employee and the entity,
b.
The Possibility of Conducting the Investigation under Attorney-Client Privilege: Depending on
the legal jurisdiction, the work product of the corporate legal staff might be protected under attorney-client
privilege. In some cases, it might be necessary to conduct the investigation under the general umbrella of
an outside attorney in order to obtain attorney-client protection.
26
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
c.
Prof. Godwin E. Oyedokun
Evaluation of the Evidence: The entity must determine whether there is sufficient evidence and
legal justification to immediately fire a worker or to place the worker on administrative leave with or
without pay.
d.
Rights of Investigating Employers: Employers have a general right to require their employees to
assist in investigations and can terminate employees who refuse to cooper-ate. Unless there are specific
laws or contractual obligations to the contrary, employers have a general right to search an employee's
offices, office computers, and possibly even their briefcases and cars that are on company property.
e.
The extent to which a government entity may be directly or indirectly involved in the investigation
to the extent to which a government agency is involved in an investigation or that the private entity acts on
behalf of the government, the employee might have constitutional rights that limit the entity's powers of
investigation. Failure to respect those rights could lead to a lawsuit by the employee or prevent evidence
from being admissible in court.
f.
Reporting Obligations: Consideration should be given regarding any obligations to report the
incident to law enforcement or government regulations.
27
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 5
THEORIES RELATING TO FRAUD EXAMINATION AND FORENSIC ACCOUNTING
Definition of Theory
Using composite definitions from several dictionaries, we can assert that theory is:
i.
an arrangement of results or a body of theorems presenting a systematic view of some subject.
ii.
that branch of an art or science consisting in knowledge of its principles and method rather than in
its practice.
iii.
a formulation of apparent relationships or underlying principles of certain observed phenomena
which has been verified to some degree
iv.
Theory is defined as “a set of interrelated constructs (concepts), definitions and propositions that
present a systematic view of the phenomena by specifying relationships among variables with the purpose
of explaining and predicting the phenomena”. Whereas, concepts,
A theory, therefore, includes propositions linking concepts in the form of hypotheses to be tested. The
elements included in a theory are concepts, propositions and hypotheses, linked in a systematic structure to
allow explanation and prediction.
Functions and structure of a theory
A theory is identifiable by its function and structure. It is the structure and function a theory performs that
helps in the meeting of the need of a particular discipline. According to John Harvard and Sheth Jagish, the
functions of theory can be categorized into four broad areas, namely:
i. description,
ii. delimitation,
iii. generation, and
iv. integration.
The most popularly mentioned by business related researchers are description and prediction.
i. The descriptive function: the function answers the question of why. It consists of the use of concepts and
their relationships to describe or give the best explanation to a particular phenomenon and forces underlying
it.
ii. The delimitation function: it consists of the selection of the set of favorite events to be explained and
assigning meaning to the formulated abstractions of the descriptive stage.
28
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
iii. The generative function: it is the ability to generate testable hypotheses, which are the main objective
of a theory, or to provide ideas from which hypotheses can be developed.
iv. The integrative function: it is the ability to present a coherent and consistent integration of the various
concepts and relations of a theory.
According to S.C. Dodd, a good theory must possess the following to mention but few:
i. Accuracy
ii. Reality
iii. Controllability
iv. Consistency
v. Durability
vi. Simplicity
vii. Stability
viii. Popularity
ix. Translatability
x. Efficacy, etc.
FORENSIC ACCOUNTING THEORIES
Different theories as relating to forensic accounting have evolved over time as the field of forensic
accounting gains popularity. However, different scholars have developed different theories relating to
forensic accounting and fraud examination. This chapter will, therefore, provide an exposition to the various
theories relating to forensic accounting and fraud examination in no particular order.
1.
Agency Theory
2.
White Collar Crime Theory
3.
Theory of Triangle of Fraud Action
4.
Theory of Fraud Triangle
5.
Theory of Fraud Diamond
6.
Fraud Scale Theory
7.
Deterrence Theory
8.
Theory of Crime and Corruption
9.
The Pentagon Fraud Theory
10.
Anomie Theory
11.
Differential Association Theory
12.
Labeling Theory
29
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
13.
Social Control Theory
14.
Strain Theory
15.
The Gone Theory
Prof. Godwin E. Oyedokun
I will now discuss them hereunder:
AGENCY THEORY
Jensen and Meckling (1976) defined an agency relationship as a “contract under which one or more persons
(the principal(s)) engage another person (the agent) to perform some service on their behalf which involves
delegating some decision-making authority to the agent. If both parties to the relationship are utility
maximizers, there is a good reason to believe that the agent will not always act in the best interests of the
principal”. Agency Theory explains how to best organize relationships in which one party determines the
work while another party does the work. In this relationship, the principal hires an agent to do the work or
to perform a task which he is unable or unwilling to do (Seven Pillars Institute for Global Finance and
Ethics).
“The principal can limit divergences from his interest by establishing appropriate incentives for the agent
and by incurring monitoring costs designed to limit the aberrant activities of the agent. In addition in some
situations, it will pay the agent to expend resources (bonding costs) to guarantee that he will not take certain
actions which would harm the principal or to ensure that the principal will be compensated if he does take
such actions (Jensen and Meckling, 1976).
Agency theory was also explained as “a simple agency model suggests that, as a result of information
asymmetries and self- interest, principals lack reasons to trust their agents and will seek to resolve these
concerns by putting in place mechanisms to align the interests of agents with principals and to reduce the
scope for information asymmetries and opportunistic behaviour (Institute of Chartered Accountants in
England and Wales 2005).
The Institute of Chartered Accountant in England and Wales (ICAEW) (2006) in Millichamp and Taylor
(2008), stated that “in principle, the agency model assumes that no agent is trustworthy and if they can
make themselves richer at the expense of their principals they will. The principal has no alternative but to
compensate the agents well for their endeavour so that they will not be tempted to go into business for
themselves by using the principal’s assets to do so”.
30
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
According to Millichamp and Taylor (2008), the agency is the name given to the practice by which
productive resources owned by one person or group are managed by another person or group of person.
Agency theory, on the other hand, is the recognition that the inclinations of agents, in this case, the directors
or manager of the business, is to act rather more in their own interests than those of their employers, the
shareholder (Millichamp and Taylor, 2008).
WHITE COLLAR CRIME THEORY
White collar crime is a crime committed by a person of respectability and high social status in the course
of his occupation (Sutherland, 1949). Chandra and Showkat (2014) also tried applying a criminal law
definition to white-collar crime by saying white-collar crimes are those criminally illegal acts committed
during the course of one’s job. Here are a few examples: An accountant embezzles funds from his employer;
two nurses steal drugs from their workplace and sell them to addicts; a financial investor steals investors’
money; a prosecutor accepts a bribe to drop criminal charges; two investors share inside information that
allows them to redirect their stock purchases while a disgruntled employee destroys the computer records
of a firm upon her resignation. These acts are instances where the criminal law has been violated during the
course of employment.
Shanikat and Khan (2013) established that there is an increase in white collar crimes where evidence is
comparatively more obscure and difficult to detect. Furthermore, it is imperative to equip auditors and
investigators with forensic skills, due to the emerging threats in the recent times. In general, this theory
assesses white-collar crime as a natural product of conflicting values within our economic and class
structures and the white-collar criminal as an individual who, through associations with colleagues who
define their offences as "normal" if not justified, learns to accept and participate in the anti-legal practices
of his occupation.
THEORY OF TRIANGLE OF FRAUD ACTION
The study of Dada (2014); Albrecht, Hill and Albrecht (2006); and Kranacher et al (2011) which described
the action an individual must perform to perpetrate as follows: the Action which is the execution of the
fraud, embezzlement, cheque kiting or material fraudulent financial reporting, Concealment which is the
hiding of the fraud action by raising false journal, falsification of bank reconciliation and destroying files
and Conversion which is the process of turning the gains from fraud into something useable by the
perpetrator for instance, money laundered, cars or houses.
31
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Dada (2014) averred that the triangle of fraud action can be documented, controlled and detected by antifraud professionals. Where fraud triangle points investigators to why people might commit fraud, the
evidentiary trail might be weak or non-existent for instance, pressure and rationalization are not directly
observable. It should be noted that a lack of fraud evidence is not a proof that fraud had not occurred. Hence,
anti-fraud professionals need an evidence-based approach to conduct an investigation. The triangle of a
fraud action, therefore, helps in detecting white collar crimes and obtaining prosecutorial evidence where
it makes it difficult to argue that the fraudulent acts were incidental.
THEORY OF FRAUD TRIANGLE
Fraudsters are constantly searching for more efficient, more sophisticated methods of fraud by thoroughly
investigating the company’s environment, accounting and internal control systems, by analyzing the
company’s financial condition and results of operation, and by evaluating a number of other factors
(Mackevicius & Giriunas, 2013). Fraud triangle originated from Donald Cressey and is a theory developed
as an idea to explain the causes of fraud. There are three major factors in which the proponent captured to
be the cycle of committing fraud by a fraudster. They include pressure, opportunity and rationalization
While working on his PhD Cressey (1940), focused his research on embezzlers. His findings resulted in a
theory which, over the years, has become known as the fraud triangle. One leg of the triangle represents a
perceived non-sharable financial need. The second leg is for the perceived opportunity, and the final is for
rationalisation. The role of the non-sharable problem is important. Cressey (1940) said, “when the trust
violators were asked to explain why they refrained from violation of other positions of trust they might
have held at previous times, or why they had not violated the subject position at an earlier time, those who
had an opinion expressed the equivalent of one or more of the following quotations: (a) ‘There was no need
for it like there was this time.’ (b) ‘The idea never entered my head.’ (c) “I thought it was dishonest then,
but this time it did not seem dishonest at first”.
In his view, Cressey (1940) opined that there were two components of the perceived opportunity to commit
a trust violation: general information and technical skill. General information is simply the knowledge that
the employee’s position of trust could be violated. This knowledge might come from hearing of other
embezzlements, from seeing dishonest behaviour by other employees, or just from generally being aware
of the fact that the employee is in a position where he could take advantage of his employer’s faith in him.
Montgomery, Beasley, Menelaides, and Palmrose (2002) also discussed the concept of “The Fraud
Triangle” as consisting of three conditions generally present when fraud occurs: Incentive/Pressure,
Opportunity, and Attitude/ Rationalizations. Technical skill refers to the abilities needed to commit the
32
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
violation. These are usually the same abilities that the employee needs to obtain and keep his position in
the first place (Fraud examiner manual, 2014).
THEORY OF FRAUD DIAMOND
Fraud diamond theory is an extension of the fraud triangle theory which was introduced by Wolf and
Hermanson in 2004 in which they presented another view of the factors to fraud. The theory adds fourth
variable “capabilities” to the three-factor theory of fraud triangle postulated by Cressey (1950). As indicated
by Wolfe and Hermanson (2004), opportunities open the doorway to fraud, incentive and rationalization
can draw the person toward it. But the person must have the capability to recognize the open doorways as
an opportunity and to take advantage of it by walking through, not just once, but over and over again.
Rudewicz (2011) identified that individuals with certain characteristics and personality traits will increase
the likelihood for fraud to occur. Wolfe and Hermanson (2004) also summarized six traits, associated with
the capability element which is that a person in a position of authority has more influence over particular
situations which will enable him to commit fraud; the fraudster is smart enough to understand and exploit
internal weakness and to use position, function or authorized access to the greatest advantage; the fraudster
must have a strong ego and the fraud perpetrator must be a person who can coerce and pursue others to
commit fraud for him or alongside with him; the fraudster, in order to avoid detection, must able to lie
convincingly and consistently; the fraudster must be able to control their stress as committing the fraudulent
act and keeping it concealed can be exceedingly stressful.
Thus, forensic accountants should keep in mind that pressure/motive to commit fraud can be either personal
pressure, employment pressure, or external pressure and each of these types of pressure can also happen
because of financial and non-financial pressure. Forensic accountants also need to understand the
opportunity for fraud to help them in identifying which fraud schemes an individual can commit and how
fraud virus occurs when there is an ineffective or missing internal control.
FRAUD SCALE THEORY
Albrecht, Howe & Romney (1984) developed the fraud scale theory as an alternative to the fraud triangle
model. The fraud scale includes personal integrity instead of rationalization and it is particularly applicable
to financial reporting fraud where sources of pressure (e.g. analysts’ forecasts, managements’ earnings
guidance, a history of sales and earnings growth) are more observable. Personal integrity is associated with
the personal code of ethical behaviour each person adopts.
33
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
They also argued that unlike rationalization in the fraud triangle, personal integrity can be observed in both
an individual’s decisions and the decision-making process which can help in assessing the integrity and
determining the likelihood that an individual will commit fraud. Various authors have also supported the
fraud scale theory that fraud and other unethical behaviours often occur due to an individual’s lack of
personal integrity or other moral reasoning because moral and ethical norms play essential roles in an
individual’s decisions and judgment.
DETERRENCE THEORY
The deterrence theory can be traced to the early works of classical philosophers such as Thomas Hobbes
(1588–1678), Cesare Beccaria (1738–1794), and Jeremy Bentham (1748–1832). Deterrence theory is a
theory of crime that presumes that human beings are rational enough to consider the consequences of their
actions and to be influenced by those consequences. Some theorists believe that crime can be reduced
through the use of deterrence. The goal of deterrence, crime prevention, is based on the assumption that
criminals or potential criminals will think carefully before committing a crime if the likelihood of getting
caught and or the fear of swift and severe punishment is present.
The theory of deterrence that has developed from the work of Hobbes, Beccaria and Bentham relies on
three individual components:
i.
Severity,
ii.
Certainty, and
iii.
Celerity.
The more severe a punishment, it is thought, the more likely that a rationally calculating human being will
desist from criminal acts. To prevent crime, therefore, criminal law must emphasize penalties to encourage
citizens to obey the law. The punishment that is too severe is unjust, and punishment that is not severe
enough will not deter criminals from committing crimes.
THEORY OF CRIME AND CORRUPTION
Sociologist Gross (1963) has asserted that all organisations are inherently criminogenic (that is, prone to
committing a crime), though not necessarily criminal. Gross makes this assertion because of the reliance
on “the bottom line.” Without necessarily meaning to, organisations can invite fraud as a means of obtaining
goals. It is believed by Shanikat and Khan (2013) that the rise in the white-collar crimes, where evidence
are comparatively more obscure and difficult to detect (Gottschalk, 2011), has necessitated equipping of
auditors and investigators with forensic skills, particularly over the recent years (DiGabriele, 2009; Carnes
& Gierlasinski, 2001). Criminologist Oliver Williamson noted that because of a department’s concern with
34
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
reaching its goals, managers might tend to maximise their department’s own interests to the detriment of
the organisation. (Fraud examiner manual, 2014)
As a strategy to control crime, deterrence is designed to detect law violations, determine who is responsible,
and penalise offenders in order to deter future violations. Deterrence systems try to control the immediate
behaviour of individuals, not the long-term behaviours targeted by compliance systems. Deterrence theory
assumes that humans are rational in their behaviour patterns. Humans seek profit and pleasure while they
try to avoid pain. Deterrence assumes that an individual’s propensity towards law-breaking is in inverse
proportion to the perceived probability of negative consequences (Fraud examiner manual, 2014).
THE PENTAGON FRAUD THEORY
The Pentagon Fraud Theory is also called Crowe’s Fraud Pentagon Theory. This theory was initially used
in financial audits and was put forward by Albrecht et al. (2011) and Connolly et al. (2006). The Fraud
Pentagon Theory is an extension of the Fraud Triangle Theory and Fraud Diamond Theory. The Fraud
Pentagon Theory dimension explains several reasons or factors why someone commits fraudulent acts
(Akomea-Frimpong et al., 2016; Kassem and Higson, 2012; Pedneault et al., 2012; Vousinas, 2019).
The Five Elements of the Fraud Pentagon
Arrogance: According to Albrecht et al. (2011), Connolly et al. (2006), arrogance is the characteristic of
superiority regarding the rights that people have and the feeling that internal controls and company policies
do not apply to them.
Pressure: According to Albrecht (2012), pressure stems from someone feeling the need to commit
fraudulent behavior. "The intended pressure may come from the closest people like parents, siblings or
friends” (Hartano, 2012). Olejnik and Holschuh (2007) describe academic pressures as responses that arise
owing to too many demands and tasks that must be done by students.
Opportunity: According to Albrecht (2012), opportunity is when someone feels that he or she has a
combination of situations and conditions that allow him or her to commit academic fraud and not be
detected. In this research opportunity arises, intentionally or unintentionally, in situations that compel
someone to commit academic fraud.
Rationalization: Rationalization is an internal conflict within the offender and is an attempt to justify the
act of fraud he or she has committed (Dorminey et al., 2012; Girgenti and Hedley, 2011; N’Guilla et al.,
35
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
2018). Rationalization is self-justification for wrong behavior (Albrecht, 2012). Students who exhibit
academic fraudulent behavior constantly look for justification by saying that academic fraud is justified for
a variety of reasons. A morally-acceptable attitude or rationalization needs to occur before fraudulent
behavior is executed. In other words, rationalization allows the perpetrator to see illegal actions as
acceptable actions (Ruankaew, 2016).
Competence: The Fraud Pentagon Theory, proposed by Albrecht et al. (2011); Connolly et al. (2006), states
that competence can be interpreted as ability in the Diamond Fraud Theory. According to Albrecht et al.
(2011); Connolly et al. (2006), competence or capability is the ability to ignore internal controls, develop
concealment strategies, and control social situations for personal benefits. Wolfe and Dana (2014), state
that to improve fraud prevention and detection, it is important that elements of competence and capability
are taken into account. In addition to dealing with pressure, opportunity and rationalization, an individual’s
capability must also be considered. The individuals’ capabilities include personal traits and abilities, which
play a major role in the academic fraud that might actually occur, even in the presence of the three other
elements.
ANOMIE THEORY
This theory is seen as a condition of malaise in individuals, characterized by an absence or diminution of
standard of values. When applies to a government or institutions anomie implied a social unrest or chaos
or disorder (Chandola, 2009).
DIFFERENTIAL ASSOCIATION THEORY
This theory is of the premise that through interaction with others, individuals learn the values, attitudes,
techniques and motives for criminal behavior, and that if employees are shielded from bad influences and
exposed to good role models, the incidence of fraud will be low (Ekeigwe, 2010).
LABELING THEORY
Also known as social reaction theory, it is concerned with how the self-identity and behavior of an
individual is influenced, categorized and described by others in their society. It also focuses on the linguistic
tendency of majorities to negatively label minorities. Tennenbaum and Becker (2008).
SOCIAL CONTROL THEORY
This theory proposes that people’s relationships, commitments, values, norms and beliefs encourage them
not to break the law, and that if morals codes are internalized, individuals will voluntarily limit their
36
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
propensity to commit deviant acts. As this acts are undertaken in the pursuit of self-interest and self-control
(Gottfredson & Hirschi, 1990).
STRAIN THEORY
This theory states that social structures with society may encourage citizens to commit fraud. When the
goals of a society become significant to the individual, achieving them becomes more important than the
means adopted, as there is usually an encouragement to strive for monetary success, with little or no
emphasis placed on the legitimate means of achieving them (Ekeigwe, 2010).
THE GONE THEORY
Another theory used to examine the causes for academic fraud among students is the Gone Theory.
Ismatullah and Elan (2016), states that there are four factors that compel a person to commit fraud, namely
Greed, Opportunity, Need, and Exposure, better known as the GONE theory. This theory was first put
forward by Jack Boulogue in the book Fraud Auditing and Forensic Accounting: New Tools and
Techniques (1995).
According to Bologna in Lisa (2013) in Zaini (2015), the Gone Theory reveals four factors why fraud
occurs:
1. Greed is related to the existence of behavior potentially possessed by every individual.
2. Opportunity is related to certain circumstances of organizations, institutions or societies, which open up
opportunities for someone to commit fraud.
3. Need is related to the factors necessitated by individuals to support their normal lives.
4. Exposure is related to punishment or consequences faced by the perpetrators of fraud when they are
caught. If one of the four behavioral factors compelling fraud can be minimized, the rate of fraud will be
lower. If the four behavioral factors causing fraud cannot be minimized, the rate of fraud will be higher.
37
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 6
CREATIVE ACCOUNTING AND FRAUDULENT FINANCIAL REPORTING
INTRODUCTION
Application of International Financial Reporting Standard (IFRS) and other relevant accounting standards
with appropriate disclosures lead to the fair presentation of the financial statement. The International
Accounting Standard 8 (IAS 8) which is on Accounting Policies, Changes in Accounting Estimates and
Errors emphasizes on the selection and application of appropriate accounting policies so as to reflect the
true presentation of the financial statements.
Fair presentation encompasses a range of different figures due to the fact that; alternative accounting
policies can produce different results while application of accounting in accordance with IAS 8 is often
based on estimates and judgments. A comprehensive basis of accounting comprises a set of criteria used
in preparing the financial statements which applies to all material items and which has a substantial support.
Financial statements that are not prepared to meet the common information needs of a wide range of users
may be prepared to meet the financial information needs of specific users and as such the different basis of
accounting should be well defined since the information needs of users will determine the applicable
financial reporting framework (ICAN-NSA32, 2008).
Thus, creative accounting will ordinarily produce different financial results, especially when applying
different policies like different depreciation rates, different income recognition approach and using various
operational techniques and methods by different organizations. Nobes and Parker (2010) observed that
differences in accounting practice which include the difference in culture, the legal system, tax system,
mode of financing, presentation and reporting format often results in significant differences in the reported
incomes and other financial statement items.
What is Creative Accounting?
There are various definitions of creative accounting in the literature, but they all boil down to the same idea.
Bhasin (2016) describes creative accounting as an accounting practice that may (or may not) adhere to
accounting principles and standards, but deviates from what those principles and standards intend to
achieve, in order to present the desired business image. In other words, creative accounting is the process
of transforming accounting information from what it actually is to what the company wants it to be, using
the benefits (or loopholes) in the existing rules or by ignoring part of the rules. Creative accounting can also
38
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
be described as a series of actions initiated by the company’s management that affect the reported business
result, which, however, do not bring true economic benefits to the company, but can instead result in great
damages in the long term (Merchant, & Rockness, 1994). Shah (1998) in turn, defined creative accounting
as a process in which managers utilise the so-called loopholes and ambiguities in accounting standards to
demonstrate financial success in a biased manner.
Since creative accounting often does not violate legal rules, the question is whether it is good or bad. This
depends on the basic purpose for which it is used and the manner in which it is applied. Bhasin (2016)
describes it in a very picturesque way: creative accounting is like a double-edged sword – management can
either use it in a positive sense, or it can abuse it. Thus, the idea to present the business in a better light can
ultimately result in a total loss of company image.
Creative Accounting refers to the use of accounting knowledge to influence the reported figures, while
remaining within the jurisdiction of accounting rules and 'taws, so that instead of showing the actual
performance or position of the company, they reflect what the management wants to tell the stakeholders,
purposeful intervention in the external financial reporting process with the intent of obtaining some
exclusive gain.
Why Creative Accounting?
Management of organizations are been motivated towards creative accounting behaviour and what
motivates these steps are highlighted below according to Hameed and Ajide (2014),
a.
The existence of tax levies based on income,
b.
Confidence by shareholders and workers in management that is able to report stable earnings and
psychological expectations relating to increases or decreases in anticipated income.
c.
In countries with highly conservative accounting systems, the income smoothing' effect can be
particularly pronounced because of the high level of provisions that accumulate.
d.
Another bias that sometimes arises is called 'big bath accounting’, where a company making a bad
loss seeks to maximize the reported loss in that particular year so that future years will appear better.
e.
Other motivations for creative accounting include those provided when significant capital market
transactions anticipated, and when there, is a gap between the are the performance of the firm and analysts'
expectations. A variant -on income smoothing is to manipulate profit to tie in forecasts.
39
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
CONSEQUENCES OF USING CREATIVE ACCOUNTING
In the preceding paragraphs it became clear that the consequences of creative accounting are undesirable
in many cases. To confirm this, it is important to consider the consequences of using creative accounting.
i.
Reduction of Company Value - Decisions taken to influence short-term profits through the use of
creative accounting may impair the health of “long-term" economical entity.
ii.
Violation of Ethical Standards - Even if inventive accounting practices do not violate IFRSs, they
are a controversial ethical practice. Creative accounting resembles a steep path with minor accounting
frauds, which become more aggressive until they create distortions in the financial statements.
iii.
Hiding Unit Operational Problems - Creative accounting can be practiced at lower managerial
levels so that operational problems can be kept hidden by senior managers
Some Preventive Measures
Preventing creative accounting practices, the use of which has resulted in many bankruptcy cases of major
companies in the world such as Enron, WorldCom, or Parmalat, requires the involvement of many
stakeholders from organizations that set accounting rules and standards for government up to companies or
different industry branches.
i.
The ability to choose different accounting methods can be reduced by reducing the number of
possible methods or specifying the cases when each method can be used. Another way of preventing it is
to seek consistency in the use of methods. If a company has used a certain method when its financial
condition was good, it should continue to use the same method even if the advantage is not in her side.
ii.
Regarding to the abusing judgment or prediction, there are three ways to prevent it. The first is the
adoption of rules that minimize cases of use of judgment or prediction by companies. The second concerns
the obligation to have a consistency or continuity of the method used in the trial. So if the company has
evaluated something in a certain way, there is no reason why it should change this method if it does not use
it anymore. Third, auditors need to intensify their efforts in detecting inaccurate manipulative projections.
Once auditors audit the company's financial statements, they should carefully check whether the
anticipation made by the managers are normal or obvious signs of falsehood.
iii.
Artificial transactions can be prevented by using the concept of "substance over form". So, the
companies should use more economic restraint in the accounting records of these transactions than its legal
form. It is necessary for the procedure to be economically conceived and to recognize its economic effect
and not to be abused with the legal form which, despite being legally regular, does not represent the
economic reality of any action.
iv.
Regular transactions are difficult to prevent and becomes a moral responsibility for the company
executives. However, the possibility to use it as a manipulation tool can be limited by setting the constant
40
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
assessment of fixed assets and long-term investments so that the loss or gain from their valuation or
impairment is recognized in the relevant period and not just in a period.
v.
Since the market and the economy are increasingly evolving, chances that certain specific business
areas are not well covered by accounting rules. This problem can be reduced through extended review of
current standards and their completion with new standards for problem areas such as accounting for stock
exchange operations.
Problems with the reclassification or presentation of financial numbers can be solved by setting up unique
standards for the presentation and classification of financial statements and the items included in them.
Earnings Management
Earnings management is a type of creative accounting where an attempt is made by management so as to
influence or manipulate reported earnings by using specific accounting methods or changing the methods
previously used. Earnings management techniques include deferring or accelerating expense or revenue
transactions or using other methods designed to influence short-term earnings.
Earnings management is the use of accounting techniques to produce financial reports that present an overly
positive view of a company's business activities and financial position. Many accounting rules and
principles require company management to make judgments. Earnings management takes advantage of how
accounting rules are applied and create financial statements that inflate earnings, revenue or total assets.
Window Dressing
This depicts a situation where an entity enters into a transaction during a particular financial year and
reverses such transaction immediately after the year-end. The main motive for doing this is to artificially
improve profitability and liquidity in the financial statements.
Window dressing is a strategy used by mutual fund and other portfolio managers near the year or quarter
end to improve the appearance of a fund’s performance before presenting it to clients or shareholders. To
window dress, the fund manager sells stocks with large losses and purchases high-flying stocks near the
end of the quarter. These securities are then reported as part of the fund's holdings.
Aggressive Earnings Management
Aggressive earnings management is a manipulated means of misleading the stakeholders especially about
an entity's performance and profitability. Companies could carry out various ugly means to achieve their
aims. According to Sanusi (2010), some banks normally engage in manipulation of their books by colluding
41
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
with other banks to artificially enhance financial positions and therefore stock prices, practices such as
converting non-performing loans into commercial papers and bank acceptances and setting up off-balancesheet special purpose techniques so as to hide their losses. This shows the extent to which some banks could
go on creative accounting and aggressive earnings. Although, the Central Bank of Nigeria (CBN) had put
in place various stringent measures in order to put an end to this menace and other related practices in the
banking industry.
Big Bath Accounting
This refers to recognizing all the bad news in one year so that later years can look stronger. If a company
expects disappointing results it might decide to make them even worse by writing down assets and
recognizing liabilities. In future years the assets could be used without any corresponding cost and a
decision made that the liabilities are no longer required. They would then be reversed back through the
statement of profit or loss.
Motives for applying creative accounting
The main motives for applying creative accounting are:
i.
Obtaining personal gain;
ii.
Competition;
iii.
Attracting investors;
iv.
Increasing or maintaining the level of capital;
v.
Buying time for not settling debts;
vi.
Beating analysts’ forecasts about future company performance.
In order to present their business in the best possible light, companies use various techniques to manipulate
financial information. Manipulations usually occur where accounting standards require accounting
estimates.
The most widely used creative accounting techniques are:
i.
Manipulation of off-balance sheet financing items;
ii.
Changes in accounting policies and depreciation methods;
iii.
Manipulation of other income and expense items;
iv.
Changes in the value of money;
v.
Overestimation of revenues by recording fictitious sales revenues;
vi.
Manipulation of receivables write-offs;
vii.
Manipulation of accruals.
42
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Since creative accounting is increasingly being used in a negative sense, resulting in numerous accounting
scandals with huge consequences, it is necessary to establish efficient methods that will limit or minimise
manipulation of financial information.
Techniques for preventing creative accounting
Efficient techniques for preventing creative accounting include:
i.
Adaptation of accounting standards in terms of limited use of estimates and consistency in the
application of accounting methods;
ii.
Recognising and insisting on the role of internal and external audit in identifying and reporting
unfair estimates, and preventing accounting manipulations;
iii.
Change of audit service providers from one accounting period to another;
iv.
Hiring independent directors and members of the audit committee;
v.
Establishing effective corporate governance controls;
vi.
Company persistence in developing a whistleblower policy;
vii.
Continuously making employees aware of the code of ethics;
viii.
Placing emphasis on the development and application of forensic accounting;
ix.
Making investors aware of the practice of manipulating financial information;
x.
Consistent enforcement of penalties by national authorities.
Ethical consideration in creative accounting and aggressive earnings by organizations is a concerned issue
which requires a critical look and with a view of recommending appropriate checks. Creative accounting
includes a situation where some of the accounting laid down rules, laws and regulations have been
manipulated, modified or readjusted so as to produce another result other than the initial result if no
manipulations are involved. Creative accounting should involve a fair presentation of financial statement
by directors to the shareholders and stakeholders as some of them might rely on the information therein to
make certain decisions. Fair presentation means that the financial statements should be presented fairly
(truly, accurately, detailed and in an understandable format) showing the financial position, financial
performance and cash flows statement of an entity. Fair presentation requires the faithful representation of
the effects of transactions, other events and conditions in accordance with the definitions and recognition
criteria for assets, liabilities, income, and expenses set out in the standards (Greuning, 2006).
43
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 7
COMPUTER CRIMES
Knowledge of Information and Communication Technology (ICT) is a must for Forensic Accountants and
Fraud Examiners. Tools available in ICT are majorly the target when compromises will occur. Therefore,
Computer crimes are illegal and unethical activities which involve the use of information technology or
other means to gain an unauthorised access to a computer system with the intent of damaging, deleting or
altering computer data, including software piracy and malicious software. They also include activities such
as electronic frauds, misuse of devices, identity theft and data as well as system interference. Computer
crimes may include the manipulation of confidential data and critical information. These criminal activities
involve the breach of human and information privacy, as also the theft and illegal alteration of system
critical information. The different types of computer crimes have necessitated the introduction and use of
newer and more effective security measures. Computer crime is referred to other names like Cybercrime,
hi-tech crime and electronic crime.
Computer crimes are basically classified into:
i.
Computer fraud;
ii.
Malicious software (also known as malware); and
iii.
Software and copyright piracy
COMPUTER FRAUD
These are physical and electronic fraudulent practices other than malicious software and software piracy
which can be perpetrated with the intent to cause system interferences, misuse of devices, identity theft and
altering of computer data. Computer frauds include, but are not limited to, the following:
Hacking: The activity of breaking into a computer system to gain an unauthorised access and make an
illegal use of the same is known as hacking. It is also the act of defeating the security capabilities of a
computer system in order to obtain an illegal access to the information stored on the computer system. The
unauthorised revelation of passwords with intent to gain an unauthorised access to the private
communication of an organisation of a user is one of the widely known computer crimes. Another highly
dangerous computer crime is the hacking of IP addresses in order to transact with a false identity, thus
remaining anonymous while carrying out the criminal activities.
44
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
For example, a hacker can view credit card numbers or even top secret government information. It should
be stated here that hacking gives impetus to the intruder to perpetrate other forms of computer fraud which
will be discussed below.
Cyber Stalking: The use of information and communication technology (mainly the Internet and mobile
devices) to persecute other individuals is known as cyber stalking. False accusations, transmission of threats
and damage to data and equipment fall under the class of cyber stalking activities. Cyber stalkers make use
of online forums, chat rooms and social networking websites such as Twitter and Facebook to defame and
threaten individuals. Other forms of cyber stalking include: sending obscene mails, abusive phone calls.
Phishing: This is the act of attempting to acquire sensitive information like usernames, passwords and credit
card details by disguising as a trustworthy source. Phishing is carried out through emails or by luring the
users to enter personal information through fake websites. When Internet users are making use of the www
facility on the Internet, an effort should be made to distinguish between organisations with related URLs
since computer fraudsters can develop a URL and website that are much similar to address and contents of
the real organisation, which make the users, feel safe to enter their details there. For example, there is a
difference between these two URLs www.cibn.com and www.cibng.org. The first is a Christian association
and the second is a Nigerian banking professional institute. In phishing, let us assume the first URL is a
fake website built and disguise as CIBN website, then CIBN users can be lured to believe the website is a
genuine website of the CIBN.
Scavenging: Also referred to as dumpster diving, or trashing, this is the name given to a very simple type
of security attack which involves scavenging, searching illegally through materials that is regarded as being
redundant or discarded by the authorised and the original user. Searching for unwanted file itself might not
look illegal but the use to which it is applied.
Data Diddling: Sometimes called false data entry, this involves modifying data before or after it is entered
into the computer. In other words, it is the falsification of entries in a record to be processed either before
or during processing. It is as simple as a data processing officer entering false payroll information using
tactics that might make this illegal act to be difficult to detect. For example, if the processing officer is a
good computer savvy, he can easily instruct the computer either through a special computer program or
existing package in the system to calculate artificial and inflated figures into the payroll elements of some
staff.
45
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Wiretapping: This is another serious another electronic crime that involves an intruder (third party) breaking
into a communication network without the authorisation or knowledge of the participants. It is much
feasible in telephone and computer network communication and transmission. This is much common
though in the Western world since it requires special skills, knowledge and devices. Criminals sometimes
use wiretapping methods to eavesdrop on communications either for personal advantage or for sinister
reasons. It is unfortunately quite easy to tap many types of network cabling. For example, a simple induction
loop coiled around a terminal wire can pick up most voice and RS232 communications. More complex
types of eavesdropping can be set up as well. In order to forestall wiretapping, it is important to physically
secure all networks cabling to protect it both from interception and vandalism.
Salami Technique or French Round-Off: this type of fraud, which is common in the finance industry,
involves rounding off balances and crediting the rounded off amount to a specific account created for that
purpose. The fraud might for a long time undetected since it involves accumulating fractional portion of
customers’ account balances which might not be significant to attract suspicion even by the customers.
For a hypothetical illustration, let us assume that savings account in a typical Nigerian bank earns 2.3%
interest annually, if we calculate the interest element on two different account balances of =N=1,530,703
and =N=857,030. The annual interest elements are =N=35,206.169 and =N=19,711.69 respectively. The
perpetrator might credit only =N=35,206 and =N=19,711 and slice the addition of 169k and 69k into the
account created for this fraudulent act. The addition of this will result into 238k or =N=2.38. You can see
this is an iota; the criminal will make more money depending on the number of transactions he undertakes.
Let us imagine =N=2.38 is made on two customers’ accounts. Calculate what will be made on 250,000
customers on the average. 250000/2*=N=2.38 will produce =N=297,500 annually.
Piggybacking: This involves following an authorised person into a restricted area, i.e. a building or a
computer room. For example, someone who wants to gain access to a restricted area might show up at a
secured door, carrying a heavy armload of computer equipment, at the same time as an authorised employee
arrives, looking as if they belong. The authorised employee kindly holds the door open, and the intruder
tags along into the area. Of course, there is nothing high-tech about this; it is the same principle burglars
follow to gain entry to apartments. It is easy enough to prevent piggybacking: guards and access methods
like turnstiles and mantraps (which allow only one user to enter at a time). User education is also a very
important deterrent.
46
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Masquerading: This is termed as impersonation in some quarters. It occurs when one person uses the
identity of another person to gain an access to computer resources. This may be done in person or remotely.
We describe basic masquerading in this section, but masquerading is an attack that spans the boundaries of
the categories that will be discussed here. There are both physical and electronic forms of masquerading.
In person, a criminal may use an authorised user's identity or access card to get into restricted area where
he will have access to computers and data. This may be as simple as signing someone else's name to a signin sheet at the door of a building. It may also be as complex as playing back a voice recording of someone
else to gain entry via a voice recognition system. (The movie titled, Sneakers, had some nice scenes
showing how this could work).
Trap Door: This is a form of loophole created intentionally or unintentionally by the programmer which
give a route to the criminals to get access to the system for their criminal use. It allows quick access to the
program by evading all security measures built into the program. To a programmer, trap doors might make
sense. If a programmer needs to modify the program sometimes in the future, he can use the trap door
instead of having to go through all of the normal, customer-directed protocols just to make the change. Trap
doors, of course, should be closed or eliminated in the final version of the program after all testing is
completed, but, intentionally or unintentionally, some are left in place. Other trap doors may be introduced
by error and only later discovered by crackers who are roaming around, looking for a way into system
programs and files.
Typical trap doors use such system features as debugging tools, program exits that transfer control to
privileged areas of memory, undocumented application calls and parameters, and many others:
1.
Identity Theft: This is one of the most serious frauds as it involves stealing money and obtaining
other benefits through the use of a false identity. It is the act of pretending to be someone else by using
someone else's identity as one's own. Financial identity theft involves the use of a false identity to obtain
goods and services and a commercial identity theft is the use of someone else’s business name or credit
card details for commercial purposes. Identity cloning is the use of another user's information to pose as a
false user. Illegal migration, terrorism and blackmail are often made possible by means of identity theft.
2.
Session Hijacking: This is a relatively new type of attack in the communications category. Some
types of hijacking have been around a long time. In the simplest type, an unauthorized user gets up from
his terminal to go get a cup of coffee. Someone lurking nearby (probably a co-worker who is not authorised
to use this particular system) sits down to read or change files that he would not ordinarily be able to access.
47
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Some systems do not disconnect immediately when a session is terminated. Instead, they allow a user to
re-access the interrupted program for a short period. A cracker with a good knowledge of telephone and
telecommunications operations can take advantage of this fact to reconnect to the terminated session.
3.
Password Sniffing: Password sniffers are able to monitor all traffic on areas of a network. Crackers
must have installed them on networks used by systems that they especially want to penetrate. Password
sniffers are programs that simply collect the first 128 or more bytes of each network connection on the
network that is being monitored. When a user types in a user name and a password as required when using
certain common Internet services like FTP (which is used to transfer files from one machine to another) or
Telnet (which lets the user log in remotely to another machine), the sniffer collects that information.
Additional programs sift through the collected information, pull out the important pieces (e.g., the user
names and passwords), and cover up the existence of the sniffers in an automated way. Best estimates are
that in 1994 as many as 100,000 sites were affected by sniffer attacks.
4.
Social Engineering: This is also known as social hacking. It is the name given to a category of
attacks in which someone uses human and social skills, including coercion, to steal system-related
information such as physical or electronic keys, access codes and cards, electronic tokens, and toll calls. It
involves tricking, coercing or manipulating others (users or staff members) to reveal information that can
be used to steal data or subvert systems. Such attacks can be very simple or very complex. In one low-tech
case we know about, a man posing as a magazine writer was able to get valuable information over the
telephone from the telephone company simply by asking for it supposedly for his story. He then used that
information to steal more than a million dollars in telephone company equipment.
5.
Eavesdropping: This is a process whereby connection (electronic or physical) is made to private
conversations of others for the purpose of listening, monitoring, and/or examining someone without their
permission and/or knowledge. Eavesdropping can be done over telephone lines (wiretapping), e-mail,
instant messaging and other methods of communication considered private.
6.
Password Cracking: Attackers often aim to gain entrance to a system. If the establishment of an
anonymous connection cannot be accomplished, the attacker will resort to establishing an authenticated
connection. To do so, a valid combination of username and password is required. Using default account
names facilitates the work of the attacker, as he then only has to crack the password. Using blank or weak
passwords facilitates this task even more.
48
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
7.
Prof. Godwin E. Oyedokun
Shoulder Surfing: This is an attempt to obtain information illegally by looking across the
shoulders of a computer operator.
8.
Super Zapping: This lets system administrators or other highly trusted individuals override system
security to quickly repair or regenerate the system, especially in an emergency. Similar utilities are found
on many other types of computer systems. Programs of this kind can be thought of as the master key to the
system. Because superzapping leaves no evidence of file changes, managers may assume that the loss of
funds is a data entry or application program problem. The only reliable way to detect this technique is by
comparing current data files with previous generations of the same files.
9.
IP Spoofing: This is also known as IP address forgery or a host file hijacking technique in which
a cracker masquerades as a trusted host to conceal his identity, spoof a website, hijack or gain access to a
network. IP spoofing is perpetrated by computer criminals to not get caught when spamming, denying or
degradation of service. These are attacks that involve massive amounts of information being sent to
computers over a network in an effort to crash the entire network. An IP (Internet Protocol) address is the
address that reveals the identity of the internet service provider and the personal Internet connection. The
address can be viewed during Internet browsing and in all correspondence that is sent. The hijacker obtains
the IP address of a legitimate host and alters packet headers for the purpose of sending and receiving data
over the Internet and computers that are connected to a network so that the legitimate host appears to be the
source.
Measures to Prevent Computer Fraud
1.
Encryption of data and programs should be emphasized.
2.
The use of password should be encouraged.
3.
Access to computer rooms, sensitive data should be restricted.
4.
There should be segregation of duties of electronic data processing personnel.
5.
Rotation of users or personnel on their duties should be carried out.
6.
Regular information system auditing should be carried out.
7.
CCTV should be installed in the computer environment.
MALICIOUS SOFTWARE (MALWARE)
This is a software deliberately designed to attack other programs and files in computers. Malicious software
is generally referred to as malwares and they include viruses, worms, spywares and Trojan horses.
49
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Computer Viruses: A virus is a program which attaches itself to other programs to cause undesirable
effects on all programs attached to. Many people do take viruses and worms to mean the same thing; both
can be introduced into systems via Trojan horses. Viruses spread to other computers through network file
system, through the network, the Internet or by means of removable devices like USB disks and CDs.
Computer viruses are, after all, forms of malicious codes written with an aim to harm a computer system
and destroy information. Writing computer viruses is a criminal activity as virus infections can crash
computer systems, thereby destroying great amounts of critical data. However, if a virus infects a program
which is copied to a disk and transferred to another computer, it could also infect programs on that
computer. This is how a computer virus spreads. The spread of a virus is simple and predictable and it can
be prevented.
Computers Worms: Unlike a virus, a worms a standalone program in its own right. It exists independently
of any other programs. To run, it does not need other programs. A worm simply replicates itself on one
computer and tries to infect other computers that may be attached to the same network. They are like
computer viruses, in the fact that they self-replicate in the computer system. However, a computer worm
does not have to attach itself to a program in your system like a computer virus does in order to function.
However, computer worms may have a "payload" that can delete files, encrypt files or email files on the
host computer. A very common payload for a worm is to install a backdoor in the infected computer to
allow the creation of a "zombie" computer under control of the worm author.
Spyware and Adware: Spyware is a newer type of program that damages a computer system. Spyware is
also not a computer virus in the traditional sense, but it is harmful. Spyware works by getting into a
computer system for the purpose of taking partial control over usage, or collecting personal information
without your knowledge. Spyware often ends up on the computer after downloading and installing free
software. Some spyware software can change computer settings or install additional software, but it can
also have an impact on the computer’s performance, slowing down the system and limiting the speed of
network traffic. They can collect information about users without their consent or knowledge, including
personal information such as Internet surfing habits and user logins.
Bots: These are sometimes called Internet bots or zombies. They are types of malware which allow an
attacker to gain complete control over the affected computer. Computers that are affected with a ‘bot’ are
generally referred to as ‘zombies’. Attackers are able to access lists of ‘zombie’ PCs and activate them to
help execute DoS (denial of service) attacks against web sites, host phishing attack web sites or send out
thousands of spams. Bots are good at hiding in the shadows of a computer; they often have file and process
50
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
names that are similar to normal system file names and processes so that the users won’t think twice if they
do see them.
Trojan Horse: This is a program in which malicious or harmful code is contained inside apparently
harmless programming or data in such a way that it can get control and do its chosen form of damage, such
as ruining the file allocation table on your hard disk. Trojan horses do not replicate themselves, but they
can be just destructive. One of the most insidious types of Trojan horse is a program that claims to rid the
computer of viruses but instead introduces viruses to the computer. Consider this typical situation: a Trojan
horse is hidden in an application program that a user is eager to try, something like a new game or a program
that promises to increase efficiency. Inside the horse is a logic bomb that will cause the entire system to
crash the third time the user runs the new program. If he is lucky, the user will thoroughly enjoy the program
the first two times it is run, because when he tries to use it the third time, the program he was eager to try
will disable his whole system.
Rootkits: These are types of malicious software aiming to offer the attacker continuous access to an
infected computer and are usually designed to hide their existence from detection. Rootkits are installed by
an attacker once they have obtained administrator (or root) access to the system, either by direct attack or
by relieving the login data of privileged user. Once installed, the attacker will try to hide evidence of the
intrusion as well as maintain privileged access to the system through the rootkits. There are different kinds
of rootkits, such as application kernel and userland rootkits.
Logic Bomb: This is a special piece of software embedded in a proper working program to cause
catastrophic or undesirable effect in the computer’s operating system. It is a time-bomb since it will only
occur over a certain time, though; time criterion is not only the condition to set off logic bombs. Others
include, but are not limited to, installation of certain programs, running or regular usage of some programs
after a certain number of times, and occurrence of certain or special events.
Safeguarding Computer against Malicious Software
The following steps programs and devices could help safeguard your computer against malicious softward:
1.
Install and run anti-virus and anti-spy software and intrusion detection system regularly. Some of
the popularly tested and effective anti-malicious software are: COMODO, AVG Antispyware, Avast,
Kapersky, Norton Anti-virus and Internet Security.
51
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
2.
Prof. Godwin E. Oyedokun
Refrain from downloading and using freeware and sharewares, most especially from unknown
websites. Meanwhile, these freeware sites have relatively stood the test of time. They are: BitComet, CNET
and 4shared.
3.
Avoid the use of all forms of foreign (unknown) peripherals and software, i.e. disc, keyboard, etc.,
on the computer system.
4.
Indiscriminate copying and downloading of data and programs should be discouraged, most
especially on a file sharing network because of bundling. Bundling is a method whereby a malware, i.e.
Trojan horse, is included as part of a software as application downloaded from a file-sharing network.
5.
Access to computer system should be restricted using passwords, encryption techniques, log and
biometric controls.
6.
Back up your files regularly on CDs or DVDs. Perform virus scanning prior to backing up to ensure:
i.
Buying and downloading of only original software;
ii.
Discarding and not responding to spam and unsolicited mails;
iii.
Avoid exposing discs, tapes, USB and other computer peripherals to heat and sunlight.
SOFTWARE PIRACY
This is referred to as unauthorised copying and/or selling of data and programs in violation of the copyrights
for personal and economic benefit. Too many people do not take copyrights seriously, law-abiding people
everywhere think nothing of copying games and other utility software to share with friends, or office
software for home use. Bulletin board systems (BBS) often make pirated software available for
downloading or swapping. In a recent case, an MIT (Massachusetts Technology) student was accused of
running a BBS that was used in this way. Charges against him were eventually dropped, however, based
on the fact that the federal wire fraud statute did not apply to a case involving copyright infringements.
Only the copyright statute would apply, and it was not applicable where the infringing person did not intend
to profit from this conduct.
52
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 8
DIGITAL FORENSICS
INTRODUCTION
Digital forensics is also known as computer forensics or cyber-crime forensics. Professionals who manage
or administer information systems and networks should understand computer forensics. Forensics is the
process of using scientific knowledge for collecting, analysing, and presenting evidence to the courts. The
word forensics means “to bring to the court”. Forensics deals primarily with the recovery and analysis of
latent evidence.
What is Computer Forensics?
Computer forensics is a discipline that combines elements of law and computer science to collect and
analyze data from computer systems, networks, wireless communications, and storage devices in a way that
is admissible as evidence in a court of law.
Computer forensics is the practice of collecting, analysing and reporting on digital data in a way that is
legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence
is stored digitally. Computer forensics follows a similar process to other forensic disciplines and faces
similar issues.
Digital forensics is the process of uncovering and interpreting electronic data. The goal of the process is to
preserve any evidence in its most original form while performing a structured investigation by collecting,
identifying and validating the digital information for the purpose of reconstructing past events.
Computer forensics is the application of investigation and analysis techniques to gather and preserve
evidence from a particular computing device in a way that is suitable for presentation in a court of law. The
goal of computer forensics is to perform a structured investigation while maintaining a documented chain
of evidence to find out exactly what happened on a computing device and who was responsible for it.
Computer forensics is the application of investigation and analysis techniques to gather and preserve
evidence from a particular computing device in a way that is suitable for presentation in a court of law. The
goal of computer forensics is to perform a structured investigation while maintaining a documented chain
of evidence to find out exactly what happened on a computing device and who was responsible for it.
53
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Forensic investigators typically follow a standard set of procedures: After physically isolating the device in
question to make sure it cannot be accidentally contaminated, investigators make a digital copy of the
device's storage media. Once the original media has been copied, it is locked in a safe or another secure
facility to maintain its pristine condition. All investigation is done on the digital copy.
Objectives of Computer Forensics
The main objectives of computer forensics can be summarized as follows:
a.
To recover, analyze, and preserve the computer and related materials in a manner that can be
presented as evidence in a court of law.
b.
To identify the evidence in a short amount of time, estimate the potential impact of the malicious
activity on the victim, and assess the intent and identity of the perpetrator.
The two basic types of data collected in computer forensics are as follows:
a.
Persistent Data: Persistent data is the data that is stored on a local hard drive (or another medium)
and is preserved when the computer is turned off.
b.
Volatile Data: Volatile data is any data that is stored in memory or exists in transit, that will be lost
when the computer loses power or is turned off. Volatile data resides in registries, cache, and random access
memory (RAM). Since volatile data is ephemeral, it is essentially an investigator knows reliable ways to
capture it.
More recently, commercial organisations have used computer forensics to their benefit in a variety of cases
such as:
a.
Intellectual Property theft
b.
Industrial espionage
c.
Employment disputes
d.
Fraud investigations
e.
Forgeries
f.
Bankruptcy investigations
g.
Inappropriate email and internet use in the workplace
h.
Regulatory compliance
Explanation of the Principles
1.
All digital evidence is subject to the same rules and laws that apply to documentary evidence. An
explanation of the above principles is as follows:
54
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
2.
Prof. Godwin E. Oyedokun
The doctrine of documentary evidence may be explained thus: the onus is on the prosecution to
show to the court that the evidence produced is no more and no less now than when it was first taken into
the possession of law enforcement.
3.
Operating systems and other programs frequently alter, add and delete the contents of electronic
storage. This may happen automatically without the user necessarily being aware that the data has been
changed.
4.
In order to comply with the principles of digital evidence, wherever practicable, proportionate and
relevant an image should be made of the device. This will ensure that the original data is preserved, enabling
an independent third party to re-examine it and achieve the same result, as required by principle.
5.
This may be a physical / logical block image of the entire device, or a logical file image containing
partial or selective data (which may be captured as a result of a triage process).
Investigators should use their professional judgment to endeavour to capture all relevant evidence if this
approach is adopted.
6.
In cases dealing with data which is not stored locally but is stored at a remote, possibly inaccessible
location it may not be possible to obtain an image. It may become necessary for the original data to be
directly accessed to recover the data. With this in mind, it is essential that a person who is competent to
retrieve the data and then able to give evidence to a court of law makes any such access. Due consideration
must also be given to applicable legislation if data is retrieved which resides in another jurisdiction.
7.
It is essential to display objectivity in a court of law, as well as the continuity and integrity of
evidence. It is also necessary to demonstrate how evidence has been recovered, showing each process
through which the evidence was obtained. Evidence should be preserved to such an extent that a third party
is able to repeat the same process and arrive at the same result as that presented to a court.
8.
It should be noted that the application of the principles does not preclude a proportionate approach
to the examination of digital evidence. Those making decisions about the conduct of a digital investigation
must often make judgements about the focus and scope of an investigation, taking into account available
intelligence and investigative resources. This will often include a risk assessment based on technical and
non-technical factors, for example, the potential evidence which may be held by a particular type of device
or the previous offending history of the suspect. Where this is done it should be transparent, decisions
should be justifiable, and the rationale recorded.
Stages of Digital Forensic Examination
Digital forensic examination process can be divided into six stages, presented in their usual chronological
order as follows:
55
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
1.
Identification
2.
Readiness
3.
Evaluation
4.
Collection
5.
Preservation
6.
Analysis
7.
Presentation
8.
Review
9.
Reporting
Prof. Godwin E. Oyedokun
What is Digital Evidence?
Digital Evidence refers to digital data that establish that a crime has been committed. It can provide a link
between a crime and its victim or can provide a link between a crime and the perpetrator. Digital Evidence
is any information that can be secured from an information system and used during the course of any civil
or criminal legal proceedings. This extends to internal disciplinary hearings, employment tribunals,
arbitration plans and all courts of law. Digital Evidence will also have to sit alongside other forms of
evidence (witness testimonies, paper documents and other kinds of forensic evidence).
Key Facts about Digital Evidence
1.
Many types of crime involve digital evidence.
2.
Every crime scene is a digital evidence crime scene. Investigators must apply the same level of
care, custody, and control to ensure their personal safety and to preserve all types of evidence.
3.
Digital evidence can be fragile. If not handled properly, heat, cold, and magnets can destroy it.
Digital evidence can also be damaged by dropping it.
4.
Digital evidence can be easily altered. If a computer is off, leave it off. Just turning it on or taking
a quick peek at the files can change the data. If the computer is on, perform a proper shutdown or ask a
digital forensics Examiner for assistance. When in doubt, leave the device “off.”
5.
The digital fraud examiner should never assume that digital evidence is destroyed.
Role of Digital Evidence
When intruders bypass the security settings of a victim’s computer or network, they often leave evidence
that can serve as clues to document the attack. Certain factors that can contain valuable evidence include:
56
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
1.
Prof. Godwin E. Oyedokun
Use/abuse of the Internet, indicating the intruder probably exchanged some type of communication
or was able to install malware on the victim’s computer
2.
Production of false documents and accounts, which indicates that the intruder is probably
concealing something
3.
The encrypted or password-protected material, which indicates that the intruder is transferring or
hiding some secret information
4.
Abuse of the systems, as when the attacker is using the victim’s computer as a zombie or bot to
further the attacker’s criminal activity
5.
E-mail contact between suspects/conspirators, which could indicate that more than one intruder is
involved and that some sort of collusion has taken place.
6.
Theft of commercial secrets or proprietary information
7.
Unauthorized transmission of confidential information
8.
Records of movements within the company, allowing the attacker to benefit from insider
knowledge
9.
Malicious attacks on the computer systems themselves, up to and including denial-of-service
attacks
10.
Stealing the names and addresses of the user’s or company’s contacts
Processing of Digital Evidence
Digital evidence can be processed in the following ways. These include:
1.
Assessment: Computer forensic examiners should assess digital evidence thoroughly with respect
to the scope of the case to determine the course of action to take.
2.
Acquisition: Digital evidence, by its very nature, is fragile and can be altered, damaged, or
destroyed by improper handling or examination. The examination is best conducted on a copy of the original
evidence. The original evidence should be acquired in a manner that protects and preserves the integrity of
the evidence.
3.
Examination: The purpose of the examination process is to extract and analyze digital evidence.
Extraction refers to the recovery of data from its media. Analysis refers to the interpretation of the recovered
data and putting it in a logical and useful format.
4.
Documenting and reporting: Actions and observations should be documented throughout the
forensic processing of evidence. This will conclude with the preparation of a written report of the findings.
57
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Criminal Uses of Digital Evidence
Digital information is created, stored, processed, and/or translated by an electronic device. To better
understand how digital information can be a factor in a criminal investigation, the following are important:
1.
A computer or digital evidence item may play a role in a crime. Therefore, during the investigation,
it’s necessary to determine the item’s role in order to handle and treat it properly.
2.
Digital evidence could play any or all of three roles in a crime:
a.
The target of a crime
b.
The instrument of a crime
c.
Repository of evidence that documents the crime itself.
Identifying Digital Evidence
Digital evidence typically falls into four distinct categories. These include: Commonplace:
Commonplace digital media can include any of the following:
a.
Cell Phones
b.
Thumb Drives
c.
Digital Cameras
d.
DVD/CDs
e.
MP3 Players
f.
Flash Memory Cards
Obscure:
Non-traditional digital media that are present during the execution of a digital search warrant but are often
not noticed, thought of or identified as an item containing usable or relevant digital media. Obscure digital
media can include:
a.
Printers with Smart Media or Internal Memory
b.
Digital Video Recorder (i.e., DVRs, aka “TiVo®”)
c.
Answering Machines
d.
GPS Receivers (e.g., Garmin devices)
e.
Game Consoles (e.g., Xbox, PlayStation)
f.
Digital Voice Recorders.
58
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Protected:
Non-traditional digital media that include those meant to prevent unauthorized access or to conceal data
through either encryption or biometric verification. These devices include:
a.
Iris Scanners
b.
Fingerprint Readers
c.
Access Cards
Concealed:
Digital media designed to disguise or conceal their true purpose and are easily hidden and/or transported
on one’s person. If law enforcement personnel do not conduct a thorough and proper search, they very
likely won’t recover concealed media, which can include:
a.
Computers disguised as boxes or bottles
b.
USB flash drives disguised as wristbands, pens, watches, earrings, pocket knives, credit cards, toys,
and everyday objects.
59
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 9
MONEY LAUNDERING AND TERRORISM FINANCING
INTRODUCTION
We now live in an era of international money laundering controls. The Anti-Money Laundering (AML)
field and brought into stark relief the threat of the movement and disguising of funds and introducing a
whole new effort to combating money laundering. As a result of the governmental reaction in virtually all
countries, banks, non-bank financial institutions and nonfinancial businesses face tougher national and
international legal requirements and harsher penalties than ever before. By the same token, the regulators
of those businesses and the law enforcement agents and prosecutors who enforce the criminal laws also
face greater challenges and responsibilities in their work. As a result of this, the jobs of the professionals
who strive to ensure that their organizations are protected from being used for money laundering are now
much more demanding and the job pressures are more severe.
The Financial Action Task Force (FATF) of the organization for Economic Cooperation and Development
(OECD) has defined money laundering as the goal of a large number of criminal acts is to generate profit
for the individual or group that carries out the act. Money laundering is the processing of these criminal
proceeds to disguise their illegal origin. This process is of critical importance, as it enables the criminal to
enjoy these profits without jeopardizing their source.
What is Money Laundering?
The term “money laundering” describes a range of practices used to disguise the source of illicit profits and
integrate them into the legitimate economy. Simply put, money laundering means ‘washing’ dirty money
so that it appears clean. Corrupt officials and other criminals use money laundering techniques to hide the
true sources of their income. This allows them to avoid detection by law enforcement and to spend their
profits freely. Money laundering in some form is an essential part of most illicit enterprises, although
methods vary widely. Large drug-trafficking organizations and corrupt public officials use complex,
multijurisdictional layering schemes; small-time criminals use simpler strategies.
Money laundering involves taking criminal proceeds and disguising their illegal source in anticipation of
ultimately using the criminal proceeds to perform legal and illegal activities. Simply put, money laundering
is the process of making dirty money look clean. The Financial Action Task Force (FATF) is a Paris-based
multinational or inter-governmental body formed in 1989 by the Group of Seven industrialized nations to
60
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
foster international action against money laundering. According to the Financial Action Task Force (FATF),
crimes such as illegal arms sales, narcotics trafficking, smuggling and other activities of organized crime
can generate huge amounts of proceeds. Embezzlement, insider trading, bribery and computer fraud
schemes can also produce large profits, creating the incentive to “legitimize” the ill-gotten gains through
money laundering.
Money laundering is the process of creating the appearance that large amounts of money obtained from
serious crimes, such as drug trafficking or terrorist activity, originated from a legitimate source. Money
laundering happens in almost every country in the world, and a single scheme typically involves transferring
money through several countries in order to obscure its origins. Money laundering is a crucial step in the
success of drug trafficking and terrorist activities, not to mention white collar crime, and there are countless
organizations trying to get a handle on the problem. When a criminal activity generates substantial profits,
the individual or group involved must find a way to use the funds without drawing attention to the
underlying activity or persons involved in generating such profits. Criminals do this by disguising the
sources, changing the form or moving the money to a place where it is less likely to attract attention.
Stages in the Money Laundering Cycle
Stage One: Placement
This is the first stage in the washing cycle. Money laundering is a "cash-intensive" business, generating
vast amounts of cash from illegal activities (for example, street dealing of drugs where payment takes the
form of cash in small denominations). The monies are placed into the financial system or retail economy
or are smuggled out of the country. The aims of the launderer are to remove the cash from the location of
acquisition so as to avoid detection from the authorities and to then transform it into other asset forms; for
example traveller's cheques, postal orders, etc. Placement is the physical disposal of cash or other assets
derived from criminal activity. During this initial phase, the money launderer introduces the illegal proceeds
into the financial system. Often, this is accomplished by placing the funds into circulation through financial
institutions, casinos, shops and other businesses, both domestic and international. This phase can involve
transactions such as:
a.
Breaking up large amounts of cash into smaller sums and depositing them directly into a bank
account.
b.
Transporting cash across borders to deposit in foreign financial institutions, or to buy high valued
goods such as artwork, antiques, and precious metals and stones that can then be resold for payment by
check or bank transfer.
61
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Stage Two: Layering
In the course of layering, there is the first attempt at concealment or disguise of the source of the ownership
of the funds by creating complex layers of financial transactions designed to disguise the audit trail and
provide anonymity. The purpose of layering is to disassociate the illegal monies from the source of the
crime by purposely creating a complex web of financial transactions aimed at concealing any audit trail as
well as the source and ownership of funds. In other words, layering involves the separation of illicit
proceeds from their source by layers of financial transactions intended to conceal the origin of the proceeds.
This second stage involves converting the proceeds of the crime into another form and creating complex
layers of financial transactions to disguise the audit trail, source and ownership of funds. This phase can
involve transactions such as:
a.
Sending wire transfers of funds from one account to another, sometimes to or from other institutions
or jurisdictions.
b.
Converting deposited cash into monetary instruments (e.g. traveller’s checks).
c.
Reselling high-value goods and prepaid access/stored value products.
d.
Investing in real estate and legitimate businesses.
e.
Placing money in investments such as stocks, bonds or life insurance
f.
Using shell companies or other structures whose primary intended business purpose is to obscure
the ownership of assets.
Stage Three: Integration: Justification
The goal in this stage is to create an apparent legal origin for the criminal proceeds. This can be done by:
i.
Doing business with yourself (e.g. falsifying sources of income, capital gains and/or loans)
ii.
Disguising the ownership of assets
iii.
Using the criminal proceeds in transactions with third parties
The money launderer creates an apparent legal origin of the money by fabricating transactions which are
supported by falsified and fabricated documents such as invoices, reports, contracts, agreements,
bookkeeping entries, and deeds as well as false statements, both written or spoken. Common justification
methods used include:
i.
Fabricating a loan (e.g. loan-back or back-to-back)
ii.
Fabricating a rise in net worth (e.g. buying and selling real estate and other items, fabricating casino
winnings, lottery prizes, inheritance, etc.)
iii.
Disguising the ownership of assets and interest in businesses (e.g. through the use of relatives,
foreign legal entities, nominees, etc.)
iv.
62
Price-manipulating (e.g. over- and under-invoicing)
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
v.
Prof. Godwin E. Oyedokun
Manipulating turnover/sales by commingling illicit and legal sources of income
Integration: Investment
The goal in this final stage is to use criminal proceeds for personal benefit. Cash, electronic money and
crypto currencies can be used for:
i.
Safekeeping: e.g. cash on hand, crypto currencies in a wallet
ii.
Consumption: e.g. day to day expenditures, lavish lifestyle, jewelry, vehicles, yachts, art
iii.
Investing: e.g. bank accounts, real estate, stocks, securities, receivables, funding of legitimate and
illicit business activities, repayment of loans
Methods of Money Laundering
Banks and Other Depository Institutions
Banks have historically been, and continue to be, an important mechanism for the disposal of criminal
proceeds. There are some special areas of interest and concern for money laundering through banks and
other depository institutions. These include
1.
Electronic Transfers of Funds
Some indicators of money laundering using electronic transfers of funds include the following:
a.
Funds transfers that occur to or from a financial secrecy haven, or to or from a high-risk geographic
location without an apparent business reason, or when the activity is inconsistent with the customer’s
business or history.
b.
Large, incoming funds transfer that is received on behalf of a foreign client, with little or no
explanation or apparent reason
c.
Many small, incoming transfers of funds that are received, or deposits that are made using checks
and money orders. Almost immediately, all or most of the transfers or deposits are wired to another account
in a different city or country in a manner inconsistent with the customer’s business or history.
d.
Funds activity that is unexplained, repetitive or shows unusual patterns.
e.
Payments or receipts are received that have no apparent link to legitimate contracts, goods or
services.
f.
Funds transfers that are sent or received from the same person to or from different accounts
2.
Correspondent Banking:
Correspondent banking is vulnerable to money laundering for two main reasons:
a.
By their nature, correspondent banking relationships create a situation in which a financial
institution carries out financial transactions on behalf of customers of another institution. This indirect
63
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
relationship means that the correspondent bank provides services for individuals or entities for which it has
neither verified the identities nor obtained any first-hand knowledge.
b.
The amount of money that flows through correspondent accounts can pose a significant threat to
financial institutions, as they process large volumes of transactions for their customers’ customer. This
makes it more difficult to identify the suspect transactions, as the financial institution generally does not
have the information on the actual parties conducting the transaction to know whether they are unusual.
Additional risks incurred by the correspondent bank include the following issues:
a.
While the correspondent bank may be able to learn what laws govern the respondent bank,
determining the degree and effectiveness of the supervisory regime to which the respondent is subject may
be much more difficult.
b.
Determining the effectiveness of the respondent bank's Anti-Money Laundering (AML) controls
can also be a challenge. While requesting compliance questionnaires will provide some comfort, the
correspondent bank is still very reliant on the respondent doing some due diligence on the customers it
allows to use the correspondent account.
c.
Some banks offering correspondent facilities may not ask their respondents about the extent to
which they offer such facilities to other institutions (nesting). This adds another layer and means the
correspondent bank is even further removed from knowing the identities or business activity of these subrespondents, or even the types of financial services provided.
3.
Payable-through Accounts:
Elements of a payable-through accounts (PTAs) relationship that can threaten the correspondent bank’s
money laundering defences include:
a.
Payable-through accounts (PTAs) with foreign institutions licensed in offshore financial services
sectors with weak or absent bank supervision and weak licensing laws.
b.
Payable-through accounts (PTAs) arrangements where the correspondent bank regards the
respondent bank as its sole customer and fails to apply its Customer Due Diligence policies and procedures
to the customers of the respondent bank
c.
Payable-through accounts (PTAs) arrangements in which sub-account holders have currency
deposit and withdrawal privileges
d.
Payable-through accounts (PTAs) used in conjunction with a subsidiary, representative or another
office of the respondent bank, which may enable the respondent bank to offer the same services as a branch
without being subject to supervision.
64
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
4.
Prof. Godwin E. Oyedokun
Concentration Accounts:
Banks that use concentration accounts should implement adequate policies, procedures and processes
covering operation and recordkeeping for these accounts. Here are some anti-money laundering practices
for these accounts.
a.
Requiring dual signatures on general ledger tickets
b.
Prohibiting direct customer access to concentration accounts.
c.
Capturing customer transactions in the customer’s account statements.
d.
Prohibiting customers' knowledge of concentration accounts or their ability to direct employees to
conduct transactions through the accounts
e.
Retaining appropriate transaction and customer identifying information
f.
Reconciling accounts frequently by an individual who is independent of the transactions.
g.
Establishing a timely discrepancy resolution process
h.
Identifying and monitoring recurring customer names
5.
Private Banking:
The following factors may contribute to the vulnerabilities of private banking with regard to money
laundering:
a.
Perceived high profitability
b.
Intense competition
c.
Powerful clientele
d.
The high level of confidentiality associated with private banking
e.
The close relationship of trust developed between relationship managers and their clients.
f.
Commission-based compensation for relationship managers
g.
A culture of secrecy and discretion developed by the relationship managers for their clients
h.
The relationship managers becoming client advocates to protect their clients
6.
Structuring:
The processes of how foreign money brokers conduct structuring are highlighted below:
a.
A structurer, who is acting for a foreign money broker, opens numerous checking accounts in
Country a using real and fictitious names. Sometimes the structure uses identification documents of dead
people supplied by the money brokers.
65
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
b.
Prof. Godwin E. Oyedokun
With funds supplied by the money brokers, the structure opens the accounts with inconspicuous
amounts, usually in the low four figures.
c.
To allay bank suspicions, the money brokers sometimes deposit extra funds to cover living
expenses and to give the accounts an air of legitimacy.
d.
Once the accounts are opened, the structurer signs the newly-issued checks in blank, leaving the
payee, date and amount lines blank.
e.
He sends the signed blank checks to the money broker in country B, usually by courier.
f.
A structurer may open as many as two dozen checking accounts in this fashion. It is not uncommon
for brokers to have more than 20 of these checking accounts in Country A available at any given time.
g.
The checking accounts usually accumulate only a few thousand dollars before they are cleared out
by checks drawn by the money brokers to pay for exports from Country A to Country B’s money brokerage
customers.
h.
The availability of hundreds of these accounts to Country B’s money brokers leaves open the
possibility that tens of millions of dollars could be passing through them each year
7.
Bank Complicity:
Economic and Social Consequences of Money Laundering
Social Effects of Money laundering
1.
Increased Crime and Corruption:
Successful money laundering helps enhance the profitable aspects of criminal activity. When a country is
seen as a haven for money laundering, it will attract people who commit a crime. Typically, havens for
money laundering and terrorist financing have:
a.
A limited number of predicate crimes for money laundering
b.
Limited types of institutions and persons covered by money laundering laws and regulations
c.
Little to no enforcement of the laws, weak penalties, or provisions that make it difficult to confiscate
or freeze assets related to money laundering
If money laundering is prevalent, there is likely to be more corruption. Criminals may try to bribe
government officials, lawyers and employees of financial or non-financial institutions so that they can
continue to run their criminal businesses.
2.
Undermining the Legitimate Private Sector:
3.
Weakening Financial Institutions:
a.
Loss of profitable business
b.
Liquidity problems through withdrawal of funds
66
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
c.
Termination of correspondent banking facilities
d.
Investigation costs and fines
e.
Asset seizures
f.
Loan losses
g.
Reduced stock value of financial institutions
Prof. Godwin E. Oyedokun
Economic Effects of Money laundering
The economic effects of money laundering include:
1.
Loss of control of, or mistakes in, decisions regarding economic policy:
2.
Economic Distortion and Instability:
3.
Loss of Tax Revenue
4.
Risks to Privatization Efforts:
5.
Reputation Risk for the Country:
6.
Social Costs:.
Combating Money Laundering in Nigeria
In the light of the underlined facts, money laundering in regarded as heinous crime which may undermine
national growth and economic development because of its unproductive nature. It discourages reasonable
investment, hence, the nation across the world put in place many anti-money laundering measures (AML)
to combat the crime Nigeria Inclusive. However, the following are some of the legal framework that deals
with money laundering.
i.
The Nigeria constitution
ii.
The EFCC Act
iii.
ICPC Act
iv.
BOFID 1990
v.
Money laundering act
vi.
Audit standards
vii.
Accounting Standards
viii.
The customs
ix.
NDELA
x.
Immigration
xi.
Procurement Act
xii.
CBN Act
67
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
The relationship between Fraud and Money Laundering
Although both fraud and money laundering are crimes based on deception and although the movement of
funds obtained by fraud is a type of money laundering, fraud and money laundering are distinctly different
and should not be confused. Money laundering has been defined in a number of ways, but essentially, it is
a process undertaken by or on behalf of criminals with the object of hiding or disguising their criminal
activities and the origin of their illicit proceeds. The goals are often achieved through a series of financial
transactions, sometimes involving a number of countries and through a variety of financial products.
Characteristics that distinguished Money Laundering from Fraud
There are two important characteristics of money laundering distinguish it from fraud. These include:
1.
Money laundering is far less likely to affect financial statements than the broad spectrum of frauds
is because of the conduit phenomenon. Hence, it is highly unlikely that financial statement auditing
procedures will identify or even stumble unto possible indications of money laundering.
2.
Fraudulent activities usually result in the loss or disappearance of assets or revenue from the
business whereas money laundering may actually create significant fee income because businesses may
charge fees for the transactions that permit the illicit proceeds to be distanced from their source.
Nevertheless, many conditions and control deficiencies that may contribute to fraud vulnerability may also
contribute to money laundering vulnerability that is, the risk of criminal activities going undetected.
Prominent among these are highlighted below:
i.
Lack of a strong control environment
ii.
Lack of a strong regulatory compliance function, in the absence of which a business is subject to
high compliance risk and reputational risk
iii.
Lack of well-defined and well-communicated enterprise-wide ethical guidance and standards and
related training programs
iv.
Lack of a robust internal audit compliance program
v.
Previous report of examiners or auditors, memorandums of understanding and past administrative
and enforcement actions citing compliance problems, control deficiencies, or concerns over management's
competence and/or integrity
vi.
Significant revenues stemming from assets or liabilities associated with high-risk jurisdictions
notably bank secrecy havens
vii.
Abnormally high electronic funds transfer activity from and to high-risk jurisdictions with
insufficient controls
viii.
68
Lack of background checks on new employees
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
ix.
Prof. Godwin E. Oyedokun
Unreasonably infrequent or non-existent reviews of security software and systems
Why combat Money Laundering?
Fighting money laundering serves several purposes.
i.
Societal importance
ii.
To identify tax crimes & other financial crimes
iii.
To locate and confiscate criminal assets
iv.
Legal context
69
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 10
EVIDENCE AND EVIDENCE HANDLING TECHNIQUES
INTRODUCTION
In general terms, the evidence consists of anything that can be used to prove something. In a legal sense,
evidence means an assertion of fact, opinion, belief, or knowledge whether material or not and whether
admissible or not. According to ACFE Manual (2017), Evidence refers to an intricate set of principles
developed and refined over hundreds of years, that are designed to ensure that only relevant and probative
evidence is admitted in court proceedings, and that irrelevant, unreliable, and prejudicial evidence is
excluded so that cases can be fairly and expeditiously decided.
Every aspect of trying a case from filing the complaint through discovery, into the presentation of witnesses
and exhibits is affected by rules of evidence. This body of law covers not just what counts as evidence, but
how that evidence is gathered, handled, and presented. The rules of evidence can be complex, and counsel
should be contacted if an important question of evidence arises in the course of a fraud examination.
Additionally, rules of evidence vary by jurisdiction, even within the same country. For example, in the
United States, state courts have different rules for the admissibility of evidence that the federal courts.
Forms of Evidence
The evidence is anything perceptible by the five senses, which is invoked in the process of arguing a case.
Documents, spoken recollections, data of various sorts and physical objects are all potential evidence.
Evidence is simply anything that relates to the proving or disproving of a fact or consequence. With the
known universe available for court inspection, legal authorities have narrowed the field by setting up
categories to evaluate evidentiary significance. There are three basic forms, as distinguished from types, of
evidence and they are:
a.
Testimonial,
b.
Real, and
c.
Demonstrative.
1. Testimonial Evidence:
This refers to the oral statements made by witnesses under oath. In general, there are two types of
testimonial witnesses and they are:
70
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
a.
Lay witnesses and
b.
Expert witnesses.
Prof. Godwin E. Oyedokun
A lay (or fact) witness is a non-expert witness who must testify from personal knowledge about a matter
at issue. An expert witness is a person who, by reason of education, training, skill, or experience, is
qualified to render an opinion or otherwise testify in areas relevant to the resolution of a legal dispute.
2. Real Evidence:
This type of evidence describes physical objects that played a part in the issues being litigated. The term
includes both documentary evidence such as cancelled cheques, invoices, ledgers, and letters as well as
other types of physical evidence. Therefore, a typewriter or printer in a case involving questioned
documents is clearly real evidence, as it is a tape recording since members of the court can hear the sounds
at first hand.
3. Demonstrative Evidence:
This is a tangible item that illustrates some material proposition, for example, a map, a chart, or a summary.
It differs from real evidence because it was not part of the underlying event; it was created specifically for
the trial. Its purpose is to provide a visual aid for the jury. Nonetheless, demonstrative evidence is evidence
and can be considered by the jury in reaching a verdict.
Admissibility of Evidence
Not all evidence is admissible. To be admissible, it must satisfy certain requirements. But because civil law
systems do not rely on juries like common law systems, there is a relative lack of restrictions on the
admissibility of evidence in civil law systems. Thus, there are far fewer limitations on the admissibility of
evidence in civil law trials than in common law ones. The admissibility of evidence depends, in large part,
on the discretion of the trial judge.
The evidence is relevant if it tends to make some fact at issue more or less likely than it would be without
the evidence. The facts in issue, of course, vary according to the case, but generally can be said to be those
that tend to prove the essential elements of the offence or claim as well as related matters such as motive,
opportunity, the identity of the parties, and credibility. Whether a particular piece of evidence is relevant or
not depends on what the evidence is offered to prove. An item of evidence might be relevant and admissible
if offered to prove one thing, but not relevant and inadmissible if offered to prove something else. For
example, evidence of other crimes, wrongs, or acts committed by the defendant would not be admissible if
71
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
offered to prove that the defendant is generally a bad person, and therefore is likely to have committed the
crime with which he is charged. However, evidence would be admissible if offered to prove motive, intent,
identity, the absence of mistake, or modus operandi, if such factors are at issue. If evidence of other wrongs
or acts is admitted, the judge will instruct the jury that they may consider the evidence only as it relates to
the narrow issue for which it was admitted and may not consider it for any other purpose.
In common law systems, questions involving the admissibility of evidence occur when one party objects to
another party's offer of evidence. If a judge sustains an objection, the evidence is not admitted. If, however,
the judge overrules the objection, the evidence is admitted and can be considered by the fact finder. Also,
in common law systems using adversarial processes, the fact that an item of evidence is relevant does not,
however, automatically mean that it will be admitted. Relevant evidence still might be excluded if it is
unduly prejudicial, threatens to confuse or mislead the jury, threatens to cause unnecessary delay or waste
of time, or is merely cumulative. Relevant evidence also might be excluded if it is subject to certain
privileges.
Thus, evidence of drug addiction technically might be relevant to prove motive for embezzlement or fraud,
but the judge still might exclude the evidence if he believes that its probative value is outweighed by the
danger of prejudice to the defendant.
There are two basic types of admissible evidence:
i.
Direct evidence and
ii.
Circumstantial evidence.
1.
Direct Evidence: this is the evidence that tends to prove or disprove a fact in issue directly, such
as eyewitness testimony or a confession.
2.
Circumstantial Evidence: this is evidence that tends to prove or disprove facts in issue indirectly,
by inference. Many fraud cases are proved entirely by circumstantial evidence, or by a combination of
circumstantial and direct evidence, but seldom by direct evidence alone. The most difficult element to prove
in many fraud cases fraud the client intent is usually proved circumstantially, and necessarily so, because
direct proof of the defendant's state of mind, absent a confession or the testimony of a co-conspirator, is
impossible.
72
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
In a circumstantial case, the court may instruct the jury that the prosecution must exclude all inferences
from the facts other than its determination of guilt. Even if no such instruction is given, the Certified Fraud
Examiner should apply the same standard in preparing a circumstantial case. The distinction between direct
and circumstantial evidence, however, is more significant in common law systems than in civil law systems
because, in civil law trials, the court weighs all relevant evidence, regardless of type, to reach its decision.
Special Rules Concerning the Admission of Evidence in Adversarial Proceedings
Common law systems that use adversarial processes have several rules that restrict the admission of
evidence that is not present in civil law systems that use inquisitorial proceedings. While relevancy is a key
part to the presentation of evidence in common law and civil law systems, evidence in common law systems
is distinguished by special rules that exclude certain forms of evidence that lack reliability.
The most common of these rules are:
i.
The rule against character evidence
ii.
The rule against opinion testimony
iii.
The rule of authentication
iv.
The best evidence rule
v.
The rule against hearsay
EVIDENCE-GATHERING PROCEDURES
According to Hopwood, Leiner and Young (2012), there are seven primary evidence gathering procedures
that are available to the auditor:
i.
Confirmation,
ii.
Observation,
iii.
Physical examination,
iv.
Reperformance,
v.
Analytical-procedures,
vi.
Inquiry of the client, and
vii.
Documentation.
73
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
TYPES OF EVIDENCE SOURCE
The general sources of evidence in fraud investigations include the following:
i.
Physical evidence,
ii.
Document evidence,
iii.
Observations, and
iv.
Interviews.
The Steps in the Evidence Collection Process
The Evidence collection process begins with a review of the physical and documentary evidence. The
process then proceeds to observations and interviews. These steps are separately discussed below:
Review the Physical and Document Evidence:
Depending on the case, the review of the physical and documentary evidence may involve items such as
accounting records, application forms, credit reports, bank statements, and tax returns.
The objective of the physical and document review phase is to become as familiar as possible with the
relevant business processes and individuals involved as well as the pos¬sible fraud scheme before
conducting any interviews. This serves two main purposes:
a.
A thorough knowledge of the business processes and the physical and document evi-dence helps
the investigator to know whom to interview, the order in which to interview individuals, and the questions
to ask.
b.
In many cases, it is possible to keep the investigation secret while reviewing physical and
documentary evidence. Once interviewing begins, it can be difficult to keep everyone, includ¬ing
perpetrators, from knowing that an investigation is underway. Once perpetrators know that an investigation
is underway, they may destroy evidence, disappear, or fabricate false stories.
Observation
There is nothing better than catching a fraudster in the actions of the fraud. Moreover, in some types of
frauds, especially those that involve identity theft, this is frequently the only way to catch and convict a
fraudster. The reason for the difficulty in cases of identity theft is that the investigator might know the
fraudster only by the fraudster's assumed identity. It is obviously difficult to take legal action against a
person whose identity is unknown.
74
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
In cases of internal asset misappropriation, catching a fraudster in the act may result in substantial savings
in the cost of the fraud investigation. For example, in one case, a bookkeeper made thousands of false
entries into the cash receipts journal and completely destroyed the accounts receivable files. It took a fraud
examiner many months to recor¬d the corrupted accounting records and unravel the fraud scheme.
However, tot, the fraud investigator, the bookkeeper had complete and uncorrupted copies of the records at
his home. Had the fraud examiner caught the bookkeeper in the act at the of the investigation, the chances
would have been very good that the bookkeeper would have confessed and turned over his home copies of
the accounting records, saving the fraud examiner months of work that, were billed to the client at hundreds
of dollars hour. However, the investigator never had an opportunity to catch the bookkeeper in the act
because the business owner had confronted the bookkeeper before calling an Independent fraud
investigator. As a result, the bookkeeper immediately quit and hired a lawyer r, who declined to permit the
bookkeeper even to grant an interview to the fraud investigator.
The importance of catching a fraudster in the act by a video recording, if possible, cannot be
overemphasized; previously mentioned fraud investigations can be consuming and expensive. Therefore,
at the beginning of any investigation, there is a need for serious consuming and during any investigation;
the serious hope of simplifying the entire investigation is expedient. In some cases, this might require the
assistance of a private detective with special equipment and skills useful for surveillance cases, legal
counsel should be consulted to ensure that any surveillance is conducted lawful way.
In considering the extent which to use observation, the investigator must weigh the benefits of catching the
thief in the act versus the possibility of continuing losses. In many cases, the main priority is stopping the
fraud scheme as soon as possible.
Interviews
Interviews are conducted after the investigator has carefully studied all other types of dents and have a
fairly strong theory of the fraud scheme under consideration. The goal ideally, is best to record the suspect
before he/she is aware that he is a suspect or is aware that a fraud investigation is underway. This step
increases the possibility of catching the suspect making inconsistent statements or telling outright lies.
75
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
LECTURE 11
FORENSIC AND FRAUD INVESTIGATION REPORT WRITING
INTRODUCTION
Writing effective reports is a critical skill for Forensic Accountants. A thorough investigation or keen
analysis will often do little good if the forensic accountants/fraud examiners cannot convey the information
in a written format. Fraud examiners typically must be very flexible in their writing technique, because
reports should generally be tailored to the situation, as well as to the needs of the party requesting the report.
Even so, many aspects of good writing such as accuracy, relevancy, and clarity are universal to all reports
(ACFE, 2019).
Report of Investigation
Documenting an investigation is as important as performing it. A poorly documented case file can lead to
a disappointing conclusion, can result in a dissatisfied client, and can even damage the financial accounting
investigator’s reputation and that of the investigator’s firm. The form of the report whether oral or written
is a matter to be discussed with the client and with counsel. While it is not the responsibility of the forensic
accounting investigator to advise on the legal perils associated with various forms of reporting, there are
certain issues of which forensic accounting investigators should be aware as their clients debate the form
of reporting that will conclude the investigator’s investigation.
In the common circumstance, the conclusion cannot be decided at the inception of the engagement, it is
required to conduct the investigation in a manner that will facilitate a comprehensive oral report, including
the key documents and any exhibits necessary to illustrate the findings. Many investigations begin small,
but there is no way to know with certainty where they will lead and what will be required at the conclusion.
Although the client may not have requested a report at the outset of the investigation, some event during
the investigation may change the client’s mind, the appropriate and effective response should be deciphered.
For example, it may be observed during an investigation that an officer of the company violated a law or
regulation, thereby requiring the company to consider self-reporting and possibly bringing a civil action
against the officer and other third parties. Alternatively, it may be subpoenaed for a forensic investigator in
an investigation that has captured the attention of regulatory agencies or law enforcement.
76
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Types of Report
The following types of reports are relevant and they include:
i.
Written reports
ii.
Informal reports
iii.
Oral reports
1. Written Reports
Reports documenting an investigation differ considerably from audit opinions issued under Generally
Accepted Auditing Standards (GAAS). The investigative report writer is not constrained by the required
language of a governing standard, and investigative reports differ from one another in organization and
content depending on the client’s stated needs. In contrast, audit reports adhere to the set formula prescribed
by the Generally Accepted Auditing Standards (GAAS). The uses of written reports also differ.
The client could do any of the following things with an investigative report, among others.
a.
Distribute the report to a select group of individuals associated with the company in various
capacities.
b.
Voluntarily give the report to a prosecutor as a referral for prosecution.
c.
Enter the report as evidence in a civil fraud proceeding.
d.
Give the report to outside counsel for use in preparing regulatory findings, entering negotiations,
or providing other legal services on behalf of the company.
A written report can be categorized into:
i.
Report of investigation: this form of written report is given directly to the client, which may be the
company’s management, board, audit committee of the board, in-house counsel or outside counsel. The
report should stand on its own; that is, it should identify all the relevant evidence that was used in concluding
on the allegations under investigation. This is important because the client may rely on the report for various
purposes such as corporate filings, lawsuits, employment actions, or alterations to procedures and controls.
ii.
Affidavits: These are voluntary declarations of facts and are communicated in a writta en form and
sworn to by the witness (declarant) before an officer authorized by the court.
2. Informal Report
These consist of memos to file, summary outlines used in the delivthe ery of an oral report, interview notes,
spreadsheets listing transactions along with explanatory annotations, and other, less-formal written material
prepared by the investigation team.
77
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
3. Oral Reports
Oral reports are usually given by the forensic accounting investigation engagement leader to those
overseeing an investigation, such as a company’s board, or to those who represent the company’s interests,
such as outside counsel.
Fraud Examination Report
A fraud examination report is a document written at the conclusion of a fraud examination. Generally, an
organization will have an allegation or a suspicion of fraud and will conduct a fraud examination to
determine whether fraud occurred, who may have been responsible, and the amount of loss. It may vary in
length and style across entities and types of investigations, but it generally offers the same message to a
similar audience, no matter the entity. Depending upon the structure of the organization, these reports may
be written for management, the board of directors or audit committee, and possibly the internal audit team.
There is customarily an executive summary at the beginning of the report, which includes the overarching
themes of the investigation, as well as a conclusion, if possible. It also usually includes a detailed
explanation of the activities performed in the investigation, evidence obtained, and justification for the
conclusion that the fraud examiner reached. These reports may be very formal documents or simply internal
memoranda.
A fraud examination report documents the results of a fraud examination and is generally created by one or
more critical members of the fraud examination team. Documenting results is a particularly important
function in fraud examinations. The fraud examination report conveys all the evidence necessary to evaluate
the case, and it can be used to corroborate previously known facts. An accurate report will add credibility
to the fraud examination and to the fraud examiner’s work. Additionally, requiring a written report will
force the fraud examiner to consider his actions during an investigation by requiring that he documents his
process. And a well-written report will omit irrelevant information, thereby allowing pertinent facts to stand
out. A first-rate fraud examination report is based on a first-rate fraud examination (ACFE, 2017)
Summary of Tips for writing Fraud Examination Reports
i.
Know your reader. Readers of fraud examination reports include company insiders, attorneys,
defendants, witnesses, judges, juries, and the media.
ii.
Understand your purpose. The primary purpose of a fraud examination report is to communicate
the results of a fraud examination and document the work performed.
iii.
Use clear, simple language that is not subject to various interpretations. Where necessary, explain
the meaning of complex or technical terms. Avoid jargon, slang, and colloquialisms as the fraud
78
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
examination report might be read by people, including jury members, who are not familiar with such
language.
iv.
Prepare the fraud examination report during the course of the examination and not long after the
fact in order to mitigate the risk of omitting or distorting important data. Transcribe interviews as soon as
possible after the questioning and, upon completing the examination, prepare a final or interim report
without delay. Timeliness preserves your memory of the interviews, enhances the accuracy of witness
testimony, and ensures that opposing counsel cannot claim that the interview is unreliable because it was
not recorded in a timely manner.
v.
Prepare a separate memorandum for each potential witness in order to safeguard confidentiality
and avoid subjecting the entire fraud examination report to discover)' by opposing counsel.
vi.
List the memoranda in the order in which you conducted the interviews so the reader can follow
the examination process as it progresses from one witness to the next.
vii.
Be mindful that information in the fraud examination report may be disclosed to adverse third
parties, including opposing legal counsel. Choose your wording carefully, as you may have to defend every
word.
viii.
Deal with sensitive company considerations, such as internal control deficiencies, in separate
communications in order to maintain their confidentiality; fraud examination reports will likely be reviewed
by people outside the company, including the general public and the opposition.
ix.
Include only those matters that are relevant to the examination in the fraud examination often yield
information of which the relevance is not immediately such cases, opt for completeness.
x.
Maintain impartiality by including all relevant information regardless of which side it favours or
what it proves or disproves.
xi.
Reconfirm the facts and ensure that the fraud examination report is accurate. Errors in dates,
amounts, spelling, and even the most seemingly unimportant facts or details can leave the entire report open
to question and criticism. Fraud examination reports are used as a basis for litigation and prosecution;
defence attorneys can cite the smallest error as evidence that the entire document is inaccurate.
xii.
Use visual aids, including financial statement graphs, time flow diagrams, and matrices, to help the
reader understand the case, especially when there are multiple witnesses, events, or other complex
relationships involved.
xiii.
Clarify the fraud examination report until conclusions are self-evident. Your job as a fraud
examiner is to find and present facts—not to express opinions or draw conclusions regarding guilt or
innocence. The facts of your report should stand on their own, without embellishment or commentary.
79
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
xiv.
Prof. Godwin E. Oyedokun
Proofread the fraud examination report multiple times for content, accuracy, format, spelling, word
usage, grammar, and punctuation. A poorly written report cannot communicate a message effectively to the
reader.
Fraud Risk Assessment Report
A fraud risk assessment report is generally quite different from most other reports that a fraud examiner
might write. It is likely to include less narrative and more charts, graphs, and other visual means to show
the areas of highest risk (and thus, the greatest concern) to the organization. These reports are usually not
publicly issued to avoid displaying particularly weak controls, audits, etc., to fraudsters that could take
advantage of such information. Fraud risk assessments are frequently not issued as reports at all, but rather
are kept in the documentation for developing audit plans (for auditors) and mitigating controls (for
management). When fraud risk assessment reports are issued, they are typically high-level discussions of
the general risks to the organization so as not to publicly divulge the detailed information.
Audit Report
There are two different types of auditors (external and internal), each of whom will issue different types of
reports. These reports may be standard boilerplate reports or may be customized for the particular audit
engagement.
External Audit Report
The most common and well-known report from external auditors is an opinion of the entity's financial
statements, which is issued in conjunction with the entity's annual report. Since users prefer, or even require,
financial information to be certified by an independent external auditor, many auditees rely on auditor
reports to certify their information in order to attract investors, obtain loans, and improve public appearance.
Such reports are typically derived from the standard template used by the Audit firm performing the audit.
In addition to the report expressing an opinion on the financial statements, other examples of external audit
reports include:
i.
Certification audit reports (e.g., an ISO 9000 audit report)
ii.
Compilations (not an audit, but requires a report)
iii.
Due diligence
iv.
Environmental audit report
v.
Financial forecasts
vi.
Filing of a public company's Form 10-Q and Form 10-K
80
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
vii.
Agreed upon procedures
viii.
Internal audit reports
ix.
Compliance audit reports
x.
Regulatory inspection reports
xi.
Review of financial statements (an overview with very limited auditing procedures)
xii.
Fraud and materiality memo
xiii.
Second opinion
xiv.
Control reports on internal controls
xv.
Employee benefit plan audit reports
Internal Audit Report
Internal Audit's principal product is the final report in which the auditor expresses opinions, presents the
audit findings, and discusses recommendations for improvements. Different entities use different formats
for audit reports. For example, one entity might issue the entire report in a table that includes very few
details regarding the procedures performed. Another entity may issue entirely narrative reports with specific
details of the procedures performed, findings, and recommendations. The structure of the report depends
upon the end users' needs and desires, but typically includes (at a minimum) the five (5) C's:
i.
Condition: What is the particular problem identified?
ii.
Criteria: What is the standard that was not met? The standard may be a company policy or other
benchmark.
iii.
Cause: Why did the problem occur?
iv.
Consequence: What is the risk/negative outcome (or opportunity foregone) due to the finding?
v.
Corrective action: What should management do about the finding? What has it agreed to do and by
when?
Internal Audit Departments may also issue reports summarizing the quarters or the year's issued reports.
These reports are similar in nature to the initial audit report, except that they will be at a higher level than
the specific area-level audit report content.
Insurance Loss Report
If a loss is covered by insurance, a report may need to be prepared to the insurance company detailing the
nature and amount of the loss. For example, many companies have a fidelity bond that insures an
organization against losses due to any fraudulent or dishonest acts of its employees. In order to seek
reimbursement under the terms of the bond, the insured organization may be required to submit a detailed
81
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
report to the insurer outlining how the loss occurred, who was responsible, and how the amount of loss was
calculated. Additionally, the insurance company may require the filing of a "proof of loss" form or report.
The insurance company will typically dictate what specific items may be required in the report. Generally,
it is best to be as precise as possible when calculating or estimating losses because once the claim is paid,
the insured may be prohibited from claiming any additional amounts due to that particular loss.
Expert Reports
Many fraud cases benefit from the assistance of an expert witness, who (unlike most witnesses) may provide
technical opinions while testifying. Typically, fraud examiners who serve as expert witnesses in litigation
are tasked with providing an expert report, which requires them to provide particular information about
their qualifications, their opinions, the bases of those opinions, and various other pieces of information. The
purpose of an expert report is to inform the parties, the judge, and the jury (if applicable) about the expert’s
opinion of the case, as well as his credibility for commenting on such issues. The content of the expert
report is highly dependent on the needs of the situation. For example, the expert witness might provide an
expert opinion on an organization’s auditing practices. If the expert used a fraud examination report as part
of the basis of forming the opinion, the fraud examination report would likely need to be attached to the
expert report. However, each report in this scenario is a separate document with its own structure. In some
situations, the person who wrote the fraud examination report might also be called as an expert witness, so
it is important to keep in mind the different purposes of each report.
Standards of Reporting
Depending on professional affiliations, it is required to follow the reporting standards of one’s profession.
For example, in the case of a certified fraud examiner (CFE), the applicable standards can be found in the
Fraud Examiners Manual, published for its members by the Association of Certified Fraud Examiners. A
certified public accountant (CPA) should follow the reporting standards required for consulting
engagements and found in the AICPA’s Statement on Standards for Consulting Services. A qualified CFE
and a CPA is required to follow the standards of both associations.
Tips to Keep in Mind When Writing an Expert Report
Be Honest and Stick to What You Know
The first two rules of being an effective expert are to
1) be honest and tell the truth, and
82
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
2) stick to what you know. An expert should always be truthful. Otherwise, any exaggeration or
embellishment will likely come out during a deposition or cross-examination and impede on an expert's
credibility and persuasiveness.
Second, an expert must stay within his area of expertise. An expert who states an opinion in an area beyond
their expertise is easily challenged on cross-examination. To accomplish this, an expert should do the
following:
•
Only provide opinions that are within your true area of expertise.
•
Only use terms for which you know the definitions.
•
Avoid using legal terms (unless you are a legal expert).
•
Avoid expressing legal opinions (unless you are a legal expert).
•
Do not state opinions on cost estimates unless you are qualified to do so.
Beware of Wandering into Legal Territory
As noted above, an expert should avoid legal terms or opinions because generally, expert witnesses are not
lawyers. Therefore, an expert witness may not understand many aspects of legal proceedings. An expert
that uses legal terms in his report can expect to be closely questioned on such terms. In so doing, the
opposing counsel will attempt to show that the expert was not sure what he was talking about when he used
such terms, which can impede the expert's credibility by calling into question the entire report and/or the
expert's qualifications.
Talk to Your Attorney Before You Put Anything in Writing
Before you put anything in writing, talk to your attorney first. It is important to discuss i contents of your
written report with your retaining counsel before committing anything ii Make sure you discuss the
following content issues with your attorney-client:
•
The purpose of the report.
•
The topics/issues you should address.
•
The topics/issues you should not address.
•
Find out and understand the legally important topics/issues you should address.
•
Express opinions or questions on any specific topics/issues your attorney raises.
Additionally, different attorneys have different preferences and styles. Therefore, you should discuss the
scope and length of the report with retaining counsel, including the level of detail desired. It is also
83
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
important to get the report's format from your retaining counsel, including items like page numbering, and
what type of font or paragraph structure to use.
State Only the Facts
Do not guess or make assumptions in reports. If information is unknown, then that should clearly stated. A
key purpose of the expert witness is to persuasively present his understanding of the facts to the reader in
the form of an opinion. Therefore, an expert report must provide s factual information because vague
statements of fact will damage the expert's credibility, factual sources should be citied, reminding the expert
of information sources before test indicating that the expert meticulously researched and composed the
report.
Write for a Lay Audience
Your report should be easy for practically anyone to understand. Remember that your retaining counsel,
the opposing counsel, the judge, the jury, or anyone else reading your report have little to no education in
the area of your expertise. Therefore, you must word your report so that lay individuals can understand
what it is that you are trying to convey.
Be Brief
An expert is most effective when he uses brief language because the report must be prepared so that a nonexpert can understand it. Therefore, an expert should provide only essential information and write in short,
uncomplicated sentences and concise paragraphs. A reader finds short sentences and paragraphs valuable
because they are easy to read and understand. Conversely, long-running sentences and paragraphs are
generally more difficult to understand and may discourage readers from even trying to comprehend the
material.
State Things Clearly and Directly
Experts should also state things clearly and directly. After all, it is the expert's role to state and provide an
opinion. A clearly and directly written opinion is not only easier to read, but it is also more persuasive. For
this reason, experts should avoid needlessly technical language, which is distracting and has a tendency to
diminish an expert's credibility.
Use Precise Language
An expert report should avoid ambiguity or inexact language and use precise language where possible.
Using precise language will make the expert report more credible. Furthermore, the expert should avoid
84
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
generalizations and be specific. Since an expert writes a report to communicate his findings and opinions,
the expert must convey his findings and conclusions clearly and confidently.
Use Active Voice
In grammar, voice indicates the relation of the subject to the action of the verb. When the verb is in the
active voice, the subject acts; when it is in the passive voice, the subject is acted upon.
Always try to use the active voice. Sentences that use the passive voice are wordy, indirect, more likely to
be ambiguous, and tend to be more awkward. Sentences in the active voice are clearer and more persuasive.
Use Objective Language
The tone of an expert report must be objective. An expert is presumed to be an impartial, disinterested
witness that represents his profession. An expert must not become an advocate for his "side." Doing so
impugns an expert's credibility. The use of objective terms makes the expert more credible and persuasive.
Avoid Bias
Additionally, an expert must be thorough and avoid using language that could suggest bias and to avoid
statements that the other side could misrepresent in court. Therefore, an expert report should avoid emphatic
language and absolute words, such as always and never. Statements using such terms provide abundant
material for cross-examination, allowing the opposing counsel to suggest that the expert is a "hired gun"
who is merely offering statements to aid his "side." Such terms also make defending the report much more
difficult. Finally, subjective statements rarely add any substance to the report while objective statements
are more effective in conveying the expert's message.
Avoid Argumentative Language
An expert must avoid argumentative language. An expert is not an advocate. As stated above, the tone of
an expert report must be objective. Like subjective language, argumentative language makes an expert
appear biased, which will cause a loss in credibility. For example, if you disagree with an opposing expert's
opinion, do not directly criticize it. Instead, deal with the opposing opinion in a reasoned method, making
sure that your position is more persuasive.
Do Not Comment on the Credibility of Witnesses
Beware of commenting on the credibility of witnesses. It is the jury's duty, not the experts, to determine the
truthfulness of each witness. Commenting about the veracity of others in a report may make the expert
appear biased, causing a loss of credibility?
85
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
Avoid Broad Unsupported Statements of Opinions
Statements of an expert's opinions should be supported with reasons justifying the opinions. When opinions
are supported, they are more persuasive and the reader will likely give more weight to the expert's report.
Unsupported opinions make the expert less credible and make the report more vulnerable to attacks.
Do Not Speculate or Guess
Experts should not speculate or guess in their reports because doing so undermines a report’s credibility. In
addition, opposing counsel will use an expert's guesses or speculations a: trying to show that the opinion is
not reliable because it relies on hunches.
Expert Witness Report Must Be Consistent and Accurate
An expert witness report must be consistent with previous reports, testimonies in other case, and/or other
publications. The opposing attorney may try to get a copy of everything ever written, so it is best to be
prepared to be relentlessly questioned on previous testimony and/or publications. In fact, a counsel that can
point out inconsistencies within a report or discrepancies between an expert's other reports will create
significant doubt about the expert's credibility. Thus, an expert must meticulously check the report for
accuracy.
Be Professional
An expert must make the report look like it is worth what he is being paid for it. A well composed report
will likely indicate to the reader that the expert is a methodical person, which will help bolster the expert's
credibility and will be more likely to persuade the reader. There are numerous things an expert can do to
make his report more professional. The following list provides some examples:
i.
Place the report in a report cover or binder.
ii.
Use a 12-point font that is easy to read and looks professional.
iii.
Use 1½ lines of space between each line, which will make the report easier to read and will provide
space for the reader to make notes.
iv.
Include a well-drafted coyer page, which should include a title, case citation, the expert's name, and
the expert's address.
v.
Provide an executive summary, especially when reports are long. An executive summary should
include a brief summary of the expert's conclusions with supporting rationale.
vi.
Use topic headings to break up the report, making the report easier to read and navigate.
vii.
Headings may also be very useful to the expert who is using his report while testifying.
viii.
If the report is long, use tabbed dividers.
86
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
ix.
Prof. Godwin E. Oyedokun
Number the pages because the lack of page numbers often gives the report a sloppy and
unprofessional appearance.
Additional Considerations for Written Reports
When preparing an expert report, keep the following issues in mind:
•
Clearly state the task or engagement:
-
Audience
-
Purpose
-
Limitations
-
Arrangement for fees
•
Identify participants.
•
Provide an executive summary of findings, conclusions, and recommendations.
•
Provide an analysis of transactions:
-
Chronology
-
Transaction-by-transaction
•
Include charts and graphs.
•
Summarize important facts.
-
The expert's report is usually the only opportunity other than the lawyer's statements for pertinent
facts to be set forth in a narrative form. This is extremely important, particularly in the common instance
where the report is actually admitted into evidence and submitted to the jury.
A concise statement of the facts that support the expert's conclusions is therefore an integral part of the
report.
•
Provide references to industry standards, if applicable.
•
Provide specific references to the data used to support the expert's opinions should be made,
including references to any industry standards, market data, or other economic analysis that have been
considered.
•
Provide analysis of alternatives and possible defenses.
-
Obviously, there are various elements that may be involved in any expert analysis, and in many
cases, there are alternative approaches that can be taken to satisfy the overall objective. For example, in
trying to calculate the damages suffered by a fraud victim, it might be helpful to look at the benefit of the
bargain of the proposed fraudulent transaction, as compared to the opportunity cost of transactions that the
victim gave up to pursue the fraudulent one. Often, alternative calculations of damages yield similar dollar
87
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
amounts; in such cases where more than one analysis yields similar results, the reliability of the damage
calculation as being a realistic measure of the victim's loss is increased.
•
Present in narrative, graphic and financial statement formats.
-
Different people, including different judges and jurors, are more comfortable with information in
different formats. Thus, the presentation of information in multiple formats is important to effectively
communicate to the various people who will review it. For the same reason, it is often helpful to have
multiple people involved in preparing the expert report—people whose skills and/or interests are most
compatible with the particular at issue.
•
Summarize qualifications.
-
It is important to adequately identify the person(s) responsible for the expert report in order to
satisfy legal requisites for expert testimony and to identify the expertise that should reflected in the report.
•
Summarize materials reviewed and/or relied upon.
-
Document identification and control are important aspects of lawsuit participation. Discover rules
in litigation require disclosures, and the list in the expert report can help verify that proper disclosures have
been made. In addition, the listing, together with the references to applicable standards, helps define the
intellectual "domain" of the report can help avoid cross-examination that is too far afield or testimony in
areas that have been adequately studied.
•
List witnesses and provide copies of statements.
•
Provide findings, conclusions, and recommendations.
88
www.oyedokungodwin.com
Forensic Accounting, Audit, Investigation & Fraud Management
Prof. Godwin E. Oyedokun
TEXT REFERENCE:
Oyedokun, G. E. (2020). Fundamentals of forensic accounting & fraud Investigation. 2nd Edition,
Lagos, Nigeria. Association Forensic Accounting Researchers (AFAR). ISBN: 978-978-56462-69
ii.
Mainoma, M.A. & Oyedokun, G.E. (2020). Guidance on Due-Diligent War in Nigeria: A Forensic
Accounting Approach to Fight against Corruption. Lagos. Nigeria. Association of Forensic
Accounting Researcher (AFAR). ISBN: 9789789787326
iii.
Oyedokun, G. E. (2018). Fundamentals of forensic accounting & fraud Investigation. Lagos,
Nigeria. Aaron & Hur Publishing. ISBN: 978-978-56462-6-9
iv.
Oyedokun, G. E. (2018). Ethical justification for creative accounting: Fraud & forensic
Accountants’ perspectives. Lagos, Nigeria. Aaron & Hur Publishing. ISBN: 978-978-56462- 9-2
v.
Oyedokun, G. E. (2017). Compendium of writings in forensic accounting & fraud examination.
Lagos, Nigeria. ASCO Publishers. ISBN: 978-978-55513-7-2
vi.
AFAR Journal of Forensic Accounting & Fraud Investigation
vii.
Oyedokun, G. E. (2019). Lecture Note on Audit Assurance & Professional Ethic.
i.
89
View publication stats
www.oyedokungodwin.com