Forensic Accounting: Strategies for
Detecting & Controlling Fraud
D. Larry Crumbley, CPA, CFF, Cr.FA, CFFA, FCPA
KPMG Endowed Professor
Department of Accounting
Louisiana State University
Baton Rouge, LA 70803
225-578-6231
225-578-6201 Fax dcrumbl@lsu.edu
Dr. Crumbley is the
Editor of the Journal of Forensic & Investigative Accounting.
Former editor of the Journal of Forensic Accounting: Auditing,
Fraud, and Risk,
Former chair of the Executive Board of Accounting Advisors of the American Board of Forensic Accountants ,
Former member of the NACVA’s Fraud Deterrence Board, and
On the AICPA’s Fraud Task Force (2003-2004).
A frequent contributor to the Forensic Examiner and Value
Examiner , Professor Crumbley is a co-author of CCH Master
Auditing Guide , along with more than 55 other books and 350 articles. His latest book entitled Forensic and Investigative
Accounting, 4 th edition, is published by Commerce Clearing
House (800-224-7477). Some of his 13 educational novels have as the main character a forensic accountant. His goal is to create a television series based upon the exciting life of a forensic accountant and litigation consultant.
1

2

“External auditors come down the hill after the battle and bayonet the wounded. Forensic accountants are the guys and girls who follow behind them, going through the soldiers’ pockets looking for money.”
3

“What the use of finger prints was to the 19 th century and DNA analysis was to the 20 th , forensic accounting will be to the 21 st century.”
- Gordon Brown, Chancellor of the Exchequer, 10 October 2006.
4













Overview of Forensic Accounting
Panel of Auditing Effectiveness
Persuasiveness/ Costs of Fraud/ Abuse
Some Fraud Surveys
Fraud Multiplier
COSO’s Model
Risk Assessment
Misappropriation of Assets/ Cooking the Books
Detection, Investigation, and Deterrence
Types of Misappropriations
Earnings Management
Seven Investigative Techniques

Five Magic Ratios

Using Technology

Procurement Fraud

Developing Fraud Interviewing Skills

Some Forensic Accounting Tools

Best Fraud Auditing Techniques
-----------------------------------------------------------
Now John at the bar is a friend of mine.
He gets me my drinks for free .
Sing us a song, you’re the piano man.
“Piano Man”Billy Joel
5


Bernard Madoff’s $64 billion ponzi scheme
(150 years).

Australia’s annual fraud, 2003, $5.8 billion or 1.147% of GDP.

Malaysia’s telecom operators lose 3% of revenue to fraud each year.

A KPMG Malaysian survey found that more than a third of the polled companies lost over
RM 1 million from fraud in 2 years.

Fraud and abuse in U.S. is about $1 trillion annually.

The quantity of corruption crimes has continued to rise in China after the market liberalizations in 1978 (because so much more money involved).

An employee at the Australian mint stole
$100,145 over ten months by hiding bills and coins in his lunch box and boots. He carried away on an average 150 coins in each boot every day.
6

Economic recessions often increase fraud, since executives may engage in more “cooking the books” techniques to improve financial results, and financially strapped employees will steal business funds or commit other types of fraud and abuse. In
April 2009, Audit Analytics predicted that 3,589 companies (nearly 25%) will report that their auditors doubt they will continue as going concerns. In 2001, the percentage was only 19.2 percent.
1
The Federal Government’s $787 billion economic stimulus and bailout programs will be breeding grounds for fraud, waste, and abuse. Dan Weil estimates that up to $50 billion of the total (or 5 to 10 percent) will be susceptible to fraud. FBI Director
Robert Mueller warns of fraud stemming from the stimulus packages.
2 There should be much work for forensic accountants.
1.
2.
Sarah Johnson, “Auditors: Nearly 25% of Companies May Not Be Going
Concerns,” CFO , April 22, 2009, www.cfo.com/article.cfm/13525910/c_2984368/?f=archives
18 Dan Weil, “Expert: Stimulus Fraud May Hit $50 Billion,” Newsmax.com,
June 16, 2009, http://mmoneynews.newsmax.com/printTemplate.html
7

Fannie Mae Forensic Probe





BOD hired investigators who cleared the current management of Fannie Mae of knowingly participating in any wrongdoing.
The report took 17 months; 616 pages plus 2,000 plus pages of supporting documents.
Cost of $60 million to $70 million.
The fraud was estimated to be $11 billion.
Former N.H. Senator Warren Rudman used The Huron Consulting Group.
8

•
Four-year class action lawsuit against Tyco.
•
Fraud was $1 to $2 billion.
•
PWC payment $225 million
Tyco payment $2.975 billion
Total $3.2 billion
9

Governmental Fraud
Where Is $9 Trillion?
The U.S. Federal Reserve can not account for $9 trillion in off-balance sheet transactions. Also, no one at the Federal Reserve has any idea what are the losses on its $2 trillion portfolio.
On May 12, 2009, Inspector General Elizabeth
Coleman could not explain the $1 trillion plus expansion of the Federal Reserve’s balance sheet since September 2008. While testifying before
Congress, Coleman said the IG does not have jurisdiction to audit the Federal Reserve.
86
If a U.S. business lost $9 trillion or created $9 trillion on their balance sheet, they would suffer severe penalties.
Source: Julie Crawshaw, “Federal Reserve Cannot Account for $9
Trillion,” Newsmax.com. May 12, 2009. http://moneynews.newsmax.com/financenews/feds_lost_nine_trillion/
2009/05/12/213463.html
10

E&Y Counts Macca Fortune
Big Four firm hired in high-profile divorce of former Beatle Sir Paul McCartney and ex-wife Heather Mills
Penny Sukhraj, Accountancy Age , 18 Mar 2008
Sir Paul McCartney instructed Ernst & Young to value his business assets as part of his divorce proceedings, it has emerged.
The Big Four firm put a value of
£400m on his fortune
, a figure accepted by the court over valuations carried out by ex-wife Heather Mills' accountants.
E&Y director, Alan Wallis performed the valuation which showed the Beatle's business interests as at 11 June 2002 and 28 April 2006 at £242,900,000 and £240,900,000 respectively.
Mills claimed for £125m following her short four-year marriage but a judge awarded her only £24.3 million from the star's wealth.
According to court papers, Wallis valued McCartney's property holdings at £33,979,000, with
£15,159,000 in bank accounts in the UK and USA. His investments were valued at £34,319,000. He was owed a total of £3,687,000. He held £6000 in cash. Paintings which he had painted, works of art, musical instruments, jewellery, furniture, house contents, motor vehicles and horses were valued professionally at £32,269,000.
He disclosed tax liabilities of £9,615,000. He put in as the value of his business interests Mr Wallis’ valuation of £240,920,000. His pension assets were valued at £36,288,000. Accordingly he disclosed total net assets of £387,012,000. He disclosed his total net income for the next 12 months at £5,357,000.
Mills' forensic accountants Lee and Allen made a preliminary report of the her former husband's business interests and also requested further information so that they could check, comment on, differ from, or agree with Ernst and Young’s valuations.
But a senior district judge disallowed several of the requests.
In addition, the court rejected the opinion on multiples used in valuations by Lee and Allen.
Mr Justice Bennett said: 'Having listened to both accountants giving evidence I unhesitatingly accept that of Mr Wallis. I am grateful to Mr Allen for his assistance but on this issue Mr Wallis is in a different league of expertise to Mr Allen. Mr Wallis told me he has 25 years experience in musical and media work. In stark contrast Mr Allen, a forensic accountant mainly concerned with claims for damages and with share valuations, candidly admitted that he had never valued a catalogue . '
Read the McCartney-Mills judgment in full here
Permalink: http://www.accountancyage.com/2212273
11

Definition of Forensic Auditor
Someone who can look behind the facade--not accept the records at their face value--someone who has a suspicious mind that the documents he or she is looking at may not be what they purport to be and someone who has the expertise to go out and conduct very detailed interviews of individuals to develop the truth, especially if some are presumed to be lying.
Robert G. Roche, a retired chief of the IRS Criminal Investigation
Division of the IRS
12

Narrow vs. Broad Definition

Narrow: Fraud detection is major area.

Broad: Employed to seek, interpret, and communicate transactional and reporting event evidence in an objective, legally sustainable fashion, not only in situations where there are specific allegations of wrongdoing, but also in situations where interested parties judge that the risk of loss from wrongdoing is such that proper prudence requires legally sustainable evidence to support the conclusion that no wrongdoing is occurring (James
Edwards).
13

Internal and
External
Auditing
Planning
Risk Assessment
Internal controls
Audit Evidence
Reporting
Fraud
Prevention and Deterrence
Detection
Investigation
Remediation
Forensic
Accounting
Accounting
Litigation Matters and Investigations
U.S. Dept. of Justice, Education and Training in Fraud and Forensic Accounting: A Guide for Educational
Institutions, Stakeholder Organizations, Faculty and
Students, Draft Copy, December 23, 2005.
14

“
I liken it to ‘CSI’ or ‘Law & Order,’ but instead of figuring out the trajectory of a bullet, you’re trying to find out how a transaction occurred .”
Terry McCarthy
15

Forensic accounting is the application of accounting, tax, auditing, finance, quantitative analysis, investigative and research skills, and an understanding of the legal process for the purpose of identifying, collecting, analyzing, and interpreting financial or other data or issues in connection with:
1) Litigation services : providing assistance for actual, pending or potential legal or regulatory proceedings before a trier of fact in connection with the resolution of disputes between parties, or
2) Non-litigation services : performing analyses or investigations that may require the same skills used in 1, above, but may not involve the litigation process.
16

Forensic accounting litigation services are the professional assistance accountants provide related to the litigation process.
These services may involve accounting, financial, auditing, tax, quantitative analysis, and investigative and research skills, as well as an understanding of the legal process to provide assistance for actual, pending, or potential legal or regulatory proceedings before a trier of fact in connection with the resolution of a dispute between parties.
17

Forensic accounting non-litigation services are the professional assistance accountants provide not related to the litigation process. These services may involve accounting, financial, auditing, tax, quantitative analysis, and investigative and research skill as well as an understanding of the legal process to provide assistance in connection with matter or issues not involving the litigation process.
“You’re trying to piece together a puzzle where you do not have the picture on the box to know what it’s going to look like. The facts are not settled, and actually it’s the facts that are in dispute.”
Andrew Bernstein
18

1. Late 1800’s – Find fraud
2. 1930’s- Puff Adder –encyclopedia
3. 1933-1934-independent audits
4. 1950’s-Eighth edition Montgomery auditing reduced formal stress on fraud detection.
5. January 1957- H.W. Bevis, AR, questioned the benefit of discovering minor employee thefts.
6. 1960s-auditors claimed no responsibility.
7. Financial audits: Consistency.
8. Audit surveillance: test of details (disappeared).
9. Stock market bubble
10. Panel on Audit Effectiveness (2000)
11. Enron/ WorldCom/ Parmalat/ HealthSouth
12. Sarbanes-Oxley/ PCAOB
13. SAS No. 99
14. Global Capital Markets and the Global Economy: A Vision from the CEOs of the International Audit Networks, November 2006.
15. Managing the Business Risk of Fraud: A Practical Guide, IIA,
AICPA, ACFE, 2008.
19

Transparency International Corruption Perceptions Index 2009
Rank
14
16
17
17
19
8
11
12
12
14
20
174
175
176
176
178
179
180
5
6
6
8
8
1
2
3
3
Country/Territory CPI 2009
Score
New Zealand
Denmark
9.4
9.3
Singapore
Sweden
9.2
9.2
Switzerland
Finland
Netherlands
Australia
Canada
9.0
8.9
8.9
8.7
8.7
Iceland
Norway
Hong Kong
Luxembourg
Germany
Ireland
Austria
Japan
United Kingdom
United States
Barbados
Uzbekistan
Chad
Iraq
Sudan
Myanmar
Afghanistan
Somalia
7.4
1.7
1.6
1.5
1.5
1.4
1.3
1.1
8.0
7.9
7.7
7.7
7.5
8.7
8.6
8.2
8.2
8.0
Surveys Used Confidence Range
6
6
8
6
8
4
6
8
6
6
3
5
3
4
3
4
6
6
6
6
6
8
6
6
6
9
6
7.5 - 9.4
8.2 - 9.1
7.9 - 8.5
7.6 - 8.8
7.7 - 8.3
7.8 - 8.4
7.4 - 8.3
7.4 - 8.0
7.3 - 8.2
6.9 - 8.0
6.6 - 8.2
1.5 - 1.8
1.5 - 1.7
1.2 - 1.8
1.4 - 1.7
0.9 - 1.8
1.0 - 1.5
0.9 - 1.4
9.1 - 9.5
9.1 - 9.5
9.0 - 9.4
9.0 - 9.3
8.9 - 9.1
8.4 - 9.4
8.7 - 9.0
8.3 - 9.0
8.5 - 9.0
20

Americans caught doing business with anyone on the list can be punished with up to 30 years in prison and a $5 million fine.
21

States Corruption Index
Most corrupt:
1.
Mississippi
2.
North Dakota
3.
Louisiana
4.
Alaska
5.
Illinois
6.
Montana
7.
South Dakota
8.
Kentucky
9.
Florida
10.
New York
Least corrupt:
1.
Nebraska
2.
Oregon
3.
New Hampshire
4.
Iowa
5.
Colorado
6.
Utah
7.
Minnesota
8.
Arizona
9.
Arkansas
10.
Wisconsin
22

The Bubble Deception
There are 14,000 publicly traded companies in the United States.
Expecting all of them to be honest is unrealistic. Like any town of 14,000, the market is bound to have its share of grafters and shoplifters.
By January 2001, all manner of companies were abusing accounting rules to mislead their investors, seemingly without fear of being caught.
A strange madness had gripped the market. Even its most solid citizens were running red lights and breaking windows. And the police were nowhere in sight.
Alex Berenson, The Number, Random House, 2003, p. xxiii.
23

I know that sounds crazy, but the stock market has gone from a place where investors actually own part of a company and have a say in their management to a market designed to enrich insiders by allowing them to sell shares they buy cheaply through options.
Companies continuously issue new shares to their managers without asking their existing shareholders. Those managers then leak that stock to the market a little at a time. It’s unlimited dilution of existing shareholders’ stakes, dilution by a thousand cuts. If that isn’t a scam, I don’t know what is.
Individual shareholders have nothing but the chance to sell their shares to the next sucker . A mutual fund buys one million shares of a company with your and your coworkers’ money.
You own 1 percent of the company. Six weeks later you own less, and that money went to insiders, not to the company.
Alex Berenson, The Number, Random House, 2003, p. xviii.
24

Forensic Accounting Factors



Time: Forensic accounting focuses on the past, although it may do so in order to look forward (e.g., damages, valuations).
Purpose: Forensic accounting is performed for a specific legal forum or in anticipation of appearing before a legal forum.
Peremptory : Forensic accountants may be employed in a wide variety of risk management engagements within business enterprises as a matter of right, without the necessity of allegations (e.g., proactive).
-----------------------------------------------
With a single clue a forensic accountant can solve a fraudulent mystery.
25

A former Scotland Yard scientist tried to create the world’s biggest fraud by authenticating $2.5 trillion worth of fake U.S.
Treasury bonds.
When two men tried to pass off $25 million worth of the bonds in Toronto in 2001, a
Mountie noticed the bonds bore the word
“dollar” rather “dollars.”
Police later raided a London bank vault and discovered that the bonds had been printed with an ink jet printer that had not been invented when the bonds were allegedly produced.
Zip codes were used even though they were not introduced until 1963.
Sue Clough, “Bungling Scientist Is Jailed for Plotting World's Biggest
Fraud,” News.telegraph.co.uk, January 11, 2003.
26

Forensic accounting is the action of identifying, recording, settling, extracting, sorting, reporting, and verifying past financial data or other accounting activities for settling current or prospective legal disputes or using such past financial data for projecting future financial data to settle legal disputes.
Source: Forensic and Investigative Accounting (CCH)
--------------------------------------------------------
When the death of a company occurs under mysterious circumstances, forensic accountants are essential. Other accountants look at the charts but forensic accountants actually dig into the body.
Douglas Carmichael
27

Forensic Accounting Areas

Investigative Auditing

Litigation Support
Forensic: Latin for “forum,” referring to a public place or court.
Black’s Law Dictionary: Forensic, belonging to the courts of justice.
Note: Corporate spooks are used to check on competitors.
28

Top Niche Services - 2010
1. Business Valuation
2. Litigation support
3. Attestation Services
4. Forensic/Fraud
74%
73%
70%
69%
Source: Accounting Today.
29

AICPA’s Position

Public accounting firms could use forensic accountants to help revise their approach to planning and fieldwork on all audits, while requiring forensic accountants only on high risk audit clients to aid in the interpretation of forensic testing results and preventive control enhancements.

Does not require auditors to carryout specific forensic procedures, but rather provide guidance on how to include forensic techniques within processes outlines in
SAS 99. This combination will enhance the detection and prevention of fraudulent financial statement reporting and misappropriation of assets; thus protect investors and financial statement users.

The inclusion of audit procedures focused towards detecting misappropriation of corporate assets may lead to the identification of weaknesses within corporate governance or control weaknesses. Frauds that are identified which represent a material misappropriation of assets could significantly impact public perception.
30

AICPA’s Position (cont.)

Professional forensic accountants can best be used by ensuring such procedures are properly developed and executed in-line with internal audit and audit committee concerns. Forensic accountants could then be engaged in high-risk situations, or when a fraud is suspected.

Companies should not use the forensic services of their outside audit firm, unless it pertains to the annual audit.

Putting a price on a substantive test or forensic auditing procedure may be smart for business; however, the inherent risk is that short-cuts geared towards reducing audit costs may eventually cause investors to question the companies’ true financial position.
AICPA – Discussion Memo Question Responses
31

Forensic vs. Fraud Audit
Google result, June 23, 2010:












Forensic Audit, 173,000 hits
Forensic Audit Software, 259,000 hits
Fraud Audit, 108,000 hits
Fraud Examination, 49,500 hits
Forensic Audit Procedures, 102,000
Fraud Accounting, 78,300 hits
Fraud Audit Procedures, 76,800 hits
Forensic Accounting, 485,000 hits
Fraud Investigation, 550,000 hits
Forensic Mortgage Audit, 501,000 hits
Forensic Audit Loan, 71,400 hits
Forensic Loan Modification, 2,120,000 hits
----------------------------------------------
I don’t care what they say, but [forensic accounting] is here to stay.
Danny & the Juniors
-----------------------------------------------------------------------------------
I see skies of blue and clouds of white, and I think to myself, what a wonderful world.
Louis Armstrong
32








Employee Crime Specialist.
Asset Tracing Specialist.
Litigation Services Specialist and
Expert Witness.
Insurance Claims.
Valuation Analysis.
False Claims Act Violations.
Due diligence investigations.
33

Asset Tracing
Three Italian lawyers said in a filing to be presented to a bankruptcy court that they had traced $7.7 billion in missing Parmalat funds.
“We are preparing a filing in which we are asking for the insolvency status to be revoked because the money was robbed and not lost,” lawyer Carlo Zauli told Reuters.
But he said it would be an illusion to believe proof of electronic transfers of the funds could be found and the lawyers representing the
Parmalat Creditors Committee did not say where the money was being held or if it was recoverable.
An Italian website, TGfin ( www.tgfin.it
), said a company linked to Parmalat founder Tanzi was holding the funds in the form of U.S. bonds in an account with Bank of America.
Source: Emilio Parodi and Stefano Bernabei, “Wrap-up 2: Paramalat Fraud Probe Widens to Auditors, Ex-Banker, “forbes.com, January 8, 2004.
34

Gross Profit Comparison



In a divorce situation, a business owner claimed only about $75,000 annual income.
He claimed he had borrowed and not paid back huge sums.
Wife said he was spending about
$400,000 per year more than his salary.
Four schedules for the courtroom:
1.
What was known and alleged about husband’s expenditures.
2.
3.
Schedule comparing income with expenditures.
Amounts husband claimed he had borrowed.
35

Gross Profit Comparison (cont.)
4.


Company’s income statements sideby-side:
His
----
New Gross Profit
Per Industry
------
----
$75,000
------
$475,000
Husband had overstated COGS.
Checks issued to vendors, into COGS.
Some of the vendors cashed the checks and returned the money to husband.
Mark Kohn, “Unreported Income and Hidden Assets,”
Forensic Accounting in Matrimonial Divorce,
Philadelphia: R. T. Edwards, 2005, pp. 49-57.
36


Business owner reports only $50,000 business income, but has expensive cars, private schools, buying significant real estate.

Subpoenaed records of local beer distributors.
Then went to the club and ordered some drinks, noting the pricing of the beer, etc.
1,000 cases of Miller’s
24 bottles
24,000 x $2
$48,000 per year

Found that reported sales were underreported by $500,000.
Mark Kohn, “Unreported Income and Hidden Assets,”
Forensic Accounting in Matrimonial Divorce, Philadelphia:
R.T. Edwards, 2005, pp. 49-57.
37


Massive improvements to personal home, not paid for by personal funds.

Company showed many corporate payments to home remodeling contractors/landscapers.

But the industrial park not owned by company.

Only photocopies of invoices provided.

FC demanded original documents.

Finally, the original documents had white-outs of job locations and work descriptions.

Could turn over the originals and read the real data from the back side.
Mark Kohn, “Unreported Income and Hidden Assets,” Forensic
Accounting in Matrimonial Divorce, Philadelphia: R.T.
Edwards, 2005, pp. 49-57.
38

5.
6.
3.
4.
1.
2.
7.
Look at the lifestyles.
Look at the expenses.
Look at the cash flow.
Look at the business operations.
Look at the industry ratios.
Consider using private investigators.
Use the net worth method.
Mark Kohn, “Unreported Income and Hidden Assets,” Forensic
Accounting in Matrimonial Divorce, Philadelphia: R.T.
Edwards, 2005, pp.49-57.
39

The main difference between fiction and reality is that instead of using mask and gun, today’s villains use mouse and keyboard.
Instead of hiding behind a lamppost in a trench coat and fedora, today’s forensic accountants are more likely to be hiding behind their own computers, searching for clues amid mountains of data.
Source; “Book ‘EM! Forensic Accounting in History and
Literature,” The Kessler Report, Vol.1, No. 2.
------------------------------------------------------------------------------------
“Every investigation I did as a prosecutor, you have a particular target, but it always branches off because something else gets your attention.
And that’s what is going to happen with a forensic accountant.”
Tom Carlucci:
E-library Rueter Library September 20, 2002
40

Forensic Techniques Become Popular
“In many of the large accounting blow-ups, auditors knew what was happening,” says Charles Niemeir, “but they were willing to look the other way.”
There is a need to provide “incentives for people finding problems,” says Douglas Carmichael. “Right now there are no incentives for finding problems, and one who does is treated as a trouble maker.”
Source: Cassell Bryan Low, “Accounting Firms Attempts to
Dispel the Cloud of Fraud,” Wall Street J.
, May 27, 2003.




Doug Carmichael, former Chief Auditor for Peekuh-boo, faults auditors for not adopting forensic techniques .
Carmichael wishes more “test of details,” not relying on test of controls.
He wishes more shoe-leather work.
Shoe-leather work is what we do!
Kris Frieswick, “How Audits Must Change,” CFO July
2003, p.48
41


E&Y’s forensic accounting team is comprised of
350 practitioners in the U.S. alone, and focuses on strategies to mitigate and manage conflict in bankruptcy disputes, financial and economic damages, fraud and investigations, government contracts and grants, insurance claims, intellectual assets, and legal technology.

Deloitte’s forensic accounting expertise includes anti-money laundering, the Foreign Corrupt
Practices Act, purchase price disputes, arbitrations, construction fraud, health care fraud, construction oversight, intellectual property theft, and misdirected royalty revenues, to name just a few.
They have forensic labs in nine major cities across the U.S. and an additional 18 cities around the world, including Hong Kong, London, Amsterdam,
Frankfurt, Cape Town and Melbourne.” All FAS labs meet the FBI’s chain of custody requirements. “They are secure, state-of-the-art, and house advanced systems for storing and accessing data, including dedicated servers and fire-resistant safes.
Stuart Kahan, “Sherlock Holmes Enters Accounting,” WebCPA ,
February 11, 2007.
42

This need for the forensic accountant is demonstrated by this passage from The CBS
Murders :
Margaret Barbera was very good with numbers. She could take a balance sheet, a set of account books, invoices, bills, and more, juggle and manipulate the figures and, presto, thousands become millions, losses become profits, profits become losses, sales soared or fell, whatever her employer desired, and it would take an expert auditor knowing precisely where to look and what to look for to figure out what she’d done, and even then, it still might slip by.
Professor Cramer was in front of the auditing class quoting a passage from The CBS Murders , by Richard
Hammer. [p. 67 in Trap Doors ].
43

“Rather than combing torn clothing,” forensic accountants “comb through corporate books, looking for oddities that could signal swindles,” says
Bruce Dubinsky. Investigations can be extremely complex, with crates and crates of documents and thousands of computer files.
Investigators look for flags or patterns that would not normally occur.
Source: Mark Maremont, “Tyco Is Likely to Report
New Woes,” Wall Street Journal , April 30, 2003, p.
C-1.
44






Potpourri
Deutsche Bank is being sued for $1.3 billion by
Bruce Winston (one of the heirs of Harry Winston diamond dynasty) for priceless gems disappearing from a trust under their control.
A Burlington, Kentucky city finance director is accused of embezzling more than $1.2 million to support his estranged wife and his girlfriend.
Martin Frankel vanished with between $200 million in cash and diamonds one day. He accomplished this insurance fraud by buying poorly capitalized insurance companies, cooking the books to show increased premium value, and by including non-existing real estate and leases on the balance sheet.
Bank of China’s Mr. Wu allegedly embezzling up to $18 million from a bank branch, using improper bills of exchange. BoC has a number of cases involving the embezzlement of $737 million from branches in the Southern
Guangdong Province.
A U.S. Lime officer embezzled nearly $2.2 million by forging signatures of other company officers on checks, and falsifying the company’s check register to create the impression that the amounts he received went to U.S. Lime creditors.
45

Potpourri (contd …)






The Chairman of Hyundai Motor, Chung Mong-
Koo, was sentenced in February 2007, to 3 years in prison for embezzlement ($100 million) and breach of trust at South Korea’s largest carmaker.
Spanish authorities shut down Afinsa’s Forum stamp-investing programs with several hundred thousand of small investors. Alleged investments in overvalued stamps and suspected pyramid scheme. Eight officials jailed.
In 2000, Rent Way’s CAO artificially reduced the company’s expenses by $127 million.
WorldCom’s external auditors missed about
$11 billion improperly booked items.
Ahold NV, a Dutch company, said a U.S. unit had overstated revenues by $880 million by booking more discounts from suppliers than actually received.
One Philippine peso coin has the same size as
1 dirham, but worth only 7 fils. Thus, dispense machine fraud.
46

Careful With Property Tax Refund Checks

Supervisor of the Real Property Tax
Adjustment Unit in Washington, D.C.,
Harriette Walters, used at least 92 payments to dummy corporations in a scam to obtain $31.7 million ($344,565 per refund).

Fraud was never noticed by city officials, internal, or external auditors. Auditors never examined why the city’s property tax refunds were steadily rising.

Sham companies ’ bank accounts were controlled by Walters’ brother.

Many applications for refund were identical to prior ones.

In a FBI raid of her house, 100 pieces of jewelry, a mink coat, 90 designer purses,
68 pairs of shoes, designer luggage, Rolex watch, silver bar cart, and more were found. She had a $1.4 million in bills at
Neiman Marcus on a $81,000 yearly government salary.
47

A forensic accountant has extensive experience in investigations to determine solutions to disputed accounting matters, to write expert reports on their investigation, and to appear in court as expert witnesses.
Zeph Telpner and Michael Mostek
A normal accountant is like a guard-dog
(e.g., a bulldog); a forensic accountant is like a bloodhound; an internal auditor is like a seeing-and-eye dog (e.g., monitoring and guiding management), a corporate accountant is a mix breed, and a governmental accountant is an afghan.
D. Larry Crumbley
48

Accountants must be attuned to detecting fraud at every level of service, including standard accounting services, compilations, reviews, and bank reconciliations. If there is fraud and you don’t detect it, you are going to be sued, and you will likely lose, as the public perception is the accountant is the watchdog.
Robert J. DiPasquale, Parsippany, N.J.
Source: H.W. Wolosky, “Forensic Accounting to the Forefront,”
Practical Accountant , February 2004, pp. 23-28.
49

Forensic Accounting Knowledge Base
Silk, Silk, Silk
50

Forensic accounting (or at least accounting expert witnessing) can be traced as far back as 1817 to a court decision. [ Meyer v. Sefton ]
In 1824, a young accountant by the name of James
McCleland started business in
Glasgow, Scotland and issued a circular that advertised various classes of expert witness engagements he was prepared to undertake.
In 1856 in England, the audit of corporations became required.
51

52

“Perhaps the most celebrated case of an accountant nailing a famous criminal was the case of Al Capone. For all of Capone’s colorful history of violent crime, the FBI could never gather enough evidence to convict him until FBI agent
Eliot Ness had an idea.
He gathered special agents of the
IRS to track the flow of cash from
Capone’s illicit activities . When the mobster failed to pay taxes on those earnings, the IRS nailed him for tax evasion.
Capone went to jail and was never a factor again. IRS recruitment posters boast till this day: ‘Only an accountant could catch Al Capone.’”
Source: “Book ‘Em! Forensic Accounting History and Literature,” The Kessler
Report , Vol. 1, No. 2.
53

“You know how it goes,” I said. “You get a case.
You just keep poking around, see what scurries out.” p. 144.
------------------------------------------------------------
“How,” Susan said, “on earth are you going to unravel all of that?”
“Same way you do therapy,” I said.
“Which is?”
“ Find a thread, follow it where it leads, and keep on doing it .”
“Sometimes it leads to another thread.”
“Often,” I said.
“And then you follow that thread.”
“Yep.”
“Like a game,” Susan said.
“For both of us,” I said.
Susan nodded. “Yes,” she said, “tracking down of a person or an idea or an evasion.” pp. 270 – 271.
--------------------------------------------------------------------------------
Source: R.B. Parker, Widow’s Walk , Berkley Books, 2002.
54

Maurice E. Peloubet (1946)
Pretenders :

Max Lourie (1953)

Robert Lindquist (1986)*
* Repeated, First sentence in N. Brennan and J.
Hennessy, Forensic Accounting , 2001, p. 5.
55

The Essence of Forensic Accounting by
Maurice Peloubet (1946):
“The preparation of data for and the appearance before government agencies as a witness to facts, to accounting principles, or to the application of accounting principles is essentially forensic accounting practice rather than advocacy.”
Modern Version
“Let’s face it, we in the forensic profession labor in an obscure corner of the vineyard.
We are the carefully selected, trusted, highly trained guardians of one of the last great secrets remaining on the face of the earth - - the $600 billion [now $994], more or less annual problem nobody knows about.”
Joseph W. Koletar, Fraud Exposed , John Wiley &
Sons, Inc 2003, p. 228.
56

57

Fictional Hero
“Forensic accounting is turning up more frequently in the world of fiction, too. The financial intrigue of fraud and the investigative process of forensic accounting are a natural fit with mystery of suspense novels. Add exotic locations, colorful characters and a murder or two, and you have all the elements of a classic thriller.
There is a selection of books featuring forensic accountants as the heroes of their own stories, as well. Lenny Cramer, perhaps the most prominent of this fictional group, is the star of a series of novels written by I.W. Collett (aka Larry
Crumbley) and various co-authors.
In one of these novels, Cramer tracks forged receipts to uncover a plot to steal Burmese religion treasures . Another features Cramer, while conducting an audit at Coca-Coca, uncovering a scheme to steal the company’s secret formula . In yet another, Cramer uses his forensic accounting skills to solve a series of murders in the New York art world .”
Source: “Book ‘em! Forensic Accounting in History and Literature,” The Kessler
Report , Vol. 1, No. 2.
58

Panel on Audit Effectiveness




In 1998, the Public Oversight Board appointed the Panel on Audit Effectiveness to review and evaluate how independent audits of the financial statements of public companies are performed and to assess whether recent trends in audit practices serve the public interest.
In 2000, the Panel issues a 200-page report, Report and Recommendations , which includes a recommendation that auditors should perform forensic-type procedures during every audit to enhance the prospects of detecting material financial statement fraud.
Did not believe a GAAS audit should become a fraud audit.
In all audits the degree of audit effort in forensic- type steps should be more than inconsequential [p. 24].
59

Big-Six's Position

A forensic audit is akin to a police investigation.

All public companies should have a forensic audit on a regular basis. Companies would be required to have such an audit every three or five years or face these audits on a random basis.

Forensic auditors scrutinize all records of companies, including emails, and would be able, if not required, to question all company employees, and to require statements under oath.

Might be necessary for an audit network or a specialized forensic auditors to complete a forensic audit with the aid of independent attorneys (not those who have represented the audit client in the other engagements).
Source: “Serving Global Markets and the Global Economy: A View from the CEOs of the International Audit Networks, November 2006, p. 13.
60

Required Forensic Audits Coming?

The accounting profession may be making a strategic shift as they see that SAS No. 99 and the other rules are not protecting them from being the insurer of last resort.

The Big Four along with Grant Thornton and
BDO International recently released a report entitled “Serving Global Capital Markets and the Global Economy.” November 2006.

In the report, one of the things they are suggesting is for companies to have a forensic audit. Companies would be required to have such an audit every five years or face these audits on a random basis.

Standing Advisory Group (PCAOB) was not enthusiastic about a mandatory forensic audit: not cost-effective or effective at all.
February, 2007.
“Auditing Firms Urge New Ways to Detect Fraud,” NYSSCPA.org News Staff.
Posted on November 11, 2006.
61

Source: http://www.nysscpa.org/cpajournal/2006/906
/infocus/p16.htm
62

Source: http://www.nysscpa.org/cpajournal/2006/906
/infocus/p16.htm
63

Difficulties With Finding Fraud (cont.)
With respect to the CPA’s responsibilities to detect fraud, in my opinion current audit standards are fundamentally and fatally flawed; we should shift our emphasis to preventing fraud in the first place. Although we can and should do a better job of detecting illegalities, that’s a difficult row to hoe. In the last 30 years, I have personally trained tens of thousands of CPAs. I’ve given them balance sheets and income statements that contain material fraud. And even knowing that the books are cooked, they find it difficult to uncover these problems. That is simply because there are so many methods of concealment, and the clues are not unique to fraud. For example, who is to say whether a large spike in the cost of sales is caused by fraud or by a legitimate increase in expenses?
Oftentimes, it is hard to differentiate a red flag from a red herring.
Source: http://www.nysscpa.org/cpajournal/2006/906/infocus/ p16.htm
64





65

66

67








Controls related to the control environment.
Controls over management override; the company's risk assessment process.
Centralized processing and controls, including shared service environments.
Controls to monitor results of operations.
Controls to monitor other controls, including activities of the audit committee and selfassessment programs.
Controls over the period-end financial reporting process.
Policies that address significant business control and risk management practices.
Source: PCAOB, October 17, 2007, pp. 12.
68

Three Classes of Controls
Preventive controls: These controls are first in line to prevent errors, omissions, or security incidents from occurring. Examples include controls that restrict access to systems to authorized persons such as intrusion prevention systems and firewalls, and integrity constraints that are embedded within a Database
Management System. Most Efficient
Detective controls: These controls detect errors or incidents that have eluded the preventative controls.
Examples include controls that test whether authorization limits have been exceeded, or an analysis of activity in previously dormant accounts. Important when preventive controls weak. Examples include situations where the transactions are derived from third party reports such as sales reports from franchisees, warranty claims reported by auto dealers, baggage claims reported by passengers at airports, and reports of coupons or rebates redeemed by redemption processors.
Corrective controls: These controls correct errors, omissions, or incidents after detection. They vary from simple correction of data-entry errors, to identifying and removing unauthorized users from systems or networks.
Corrective controls are the actions taken to minimize further losses.
Sources: IIA, 2005, Global Technology Audit Guide: IT Controls,
Altamonte Springs, Fl; M. J. Nigrini, “Monitoring Techniques
Available to the Forensic Accountants,” J. of Forensic
Accounting , Vol. 7, 2006, p. 322.
69

Where Fraud Prevention and Security Meet
Fraud Prevention Security
Sarbanes-Oxley
Compliance
Data Mining for
Fraud
Ethics Policy
Anonymous
Tip Line
Risk Assessment
Fraud Policy
Background Checks
Site Security Survey
Loss Prevention
Strategy
Information Security
Investigations
Interviews
Screening Tools for
External Fraud
Guards
Closed Circuit
TV
Swipe Cards
Locks
Fences
Badges
Disaster
Recovery
Source: M.T. Biegelman and J. T. Bartow, Executive Roadmap to Fraud
Prevention and Internal Controls , John Wiley, 2006, pp. 325-326.
70

Balancing Risks and Controls
Excessive Risks
• Loss of Assets
• Poor Business Decisions
• Noncompliance
• Public Scandals
• Increased Regulations
Excessive Controls
• Increased Bureaucracy
• Reduced Productivity
• Increased Complexity
• Increased Cycle Time
• Increase of no-value activities
71

Preventive controls
• Segregation of duties
• Required approvals
• Securing assets
• Passwords
• Using document control numbers
• Drug testing
• Job rotation
• Computer backup
Detective controls
• Reconciliations
• Reviews
• Event notifications
• Surprise cash count
• Counting inventory
Corrective controls
• Training
• Process redesign
• Additional technology
• Quality circle teams
• Budget variance reports
72

James Bond – Type Security
The TIAA-CREF’s Charlotte building is covered with green faux windows and comes with security features such as a revolving door that weighs visitors when you go in and out, cameras that track them throughout the building and security badges that won’t let them leave if they stay longer than expected.
The James Bond technology protects a financial service entity’s most precious commodity: cartridges containing customer data. “These are our crown jewels.” CTO Sue Kozik said.
The data center could be guarded better only if it was buried underground.
Source: Rick Rothacker, “Charlotte Site Has
Quickly Become the Firm’s Largest,” Charlotte
Observer , December 28, 2006, p. 2D.
73

7.
8.
3.
4.
5.
1.
2.
6.
74

Need a Certification?









American College of Forensic Examiners (2750 E.
Sunshine, Springfield, MO 65804; 800-423-9737; www.acfei.com
. DABFA and Cr.FA; 2000)
Certified Fraud Examiners (Association of CFEs, The
Gregor Bldg., 716 West Avenue Austin, TX 78701; 800-
245-3321; www.cfenet.com
).
Certified in Financial Forensics (CFF), AICPA, Fall 2008, www.aicpa.org.
Forensic CPA Society (FCPA); formed in July 2005,
Spokane, WA. info@fcpa.org.
Certified Forensic Financial Analyst (NACVA, Salt Lake
City, Utah 84106; 801-486-0600). Also, Certified Fraud
Deterrence (CFD) analyst. [CFFA and CFD have merged.]
National Litigation Support Services Association (NLSSA,
III East Wacker Drive, Suite 990, Chicago, IL 60601;
800-869-0491). Not-for-profit. About 20 firms. $1,825.
Canadian Institute of Chartered Accountants (CICA) –
CA.IFA – Alliance for Excellence in Investigative
Accounting.
Certified Forensic Investigator (CFI) – Canada Early
1980’s. www.homewoodave.com
Certified Fraud Specialist (CFS), not-for-profit, educational anti-fraud corporation located in
Sacramento, Calif., for those dealing in white-collar crime, fraud, and abuse issues. Association of Certified
Fraud Specialists. http://acfsnet.org
.
75

Source: Field of Forensic Service Remains Hot, A. E. Feldman
Blog, http://blog.aefeldman.com/2009/04/13/field-of-forensic services-rem...
76

77

78

79

Some accountants believe that ethics is a place in England.
Essex, U.K.
--------------------------------------------------
A statement made by Mark Twain about New England weather applies to fraud and corruption:
“It’s hard to predict, but everyone agrees there’s plenty of it.”
As Sherlock Holmes said, “the game is afoot.”
--------------------------------------------------
Read My Lips; It’s The Fraud, Stupid.
80

Termites, Rust, and Fraud
•
Just as termites never sleep, fraud never sleeps.
• Just like termites, fraud can destroy the foundation of an entity.
-------------------------------------------------------------
Like rust, fraud never sleeps.
-------------------------------------------------------------
"It is simply impossible to eliminate economic crime. It's like fighting the mythical Hydra, cutting off one form of fraud merely allows another to grow. Controls alone are not enough. The answer lies in establishing a culture that supports control efforts and whistle-blowing with clear ethical guidelines. Companies need to build loyalty to the organization, give employees the confidence to do the right thing, and identify clear sanctions for those who commit fraud, regardless of their position in the company."
Steven Skalak
81

White-Collar Crimes
White-collar crimes according to the
FBI are categorized by deceit , concealment , or violation of trust and are not dependent on the application or threat of physical force or violence.
Such acts are committed by individuals and organizations to obtain money, property, or services; to avoid the payment or loss of money or services; or to secure a personal or business advantage.
Source: FBI.gov
82

The motto of a fraudster:
Anything is possible. The impossibility simply takes longer.
---------------------------------------------
Biggleman’s Safe – a safe builder wrote blueprints of a unbreakable safe and locked the blueprints inside the safe.
-----------------------------------------------
Internal controls can be broken, often by top executives .
-----------------------------------------------
Just as a pitcher tries to fool batters, financial statements may be misleading or wrong (baseball or cricket).
83

• Edwin Sutherland coined the term
“white-collar crime.” [Indiana
University sociology professor.]
• Sutherland believed that whitecollar crime is a learned behavior , a consequence of corporate culture where regulations are regarded as harassment, and profit is the measure of the man.
• “White-collar crime violates trust and thus creates distrust, and this lowers social morale and produces social disorganization on a large scale.
Cynthia Crossen, “A Thirties Revelation: Rich People
Who Steal are Criminals, Too,” Wall Street Journal ,
October 15, 2003, p. B-1.
84

White-Collar Crime By the
Advantaged
“Crime is the most flourishing and lucrative business in America… I speak now not only of the crime in the streets, the burglaries and the robberies, which represent tens of billions of dollars each year; I speak of the crime which we call ‘white collar’ – the crimes committed by the advantaged , not the disadvantaged; the crimes committed with pen and pencil, not with gun or ‘jimmy’; under the bright lights of the executive offices, not by stealth in the dark .”
Herbert Stern, from his discussion of prosecutorial philosophy in the 1973 book Tiger in the Court , by Paul
Hoffman.
85

FBI Crime Classification Manual
1. Personal Cause Homicide.
2. Sexual Homicide.
3. Group Cause Homicide.
4. Criminal Enterprise Homicide
• Contract killing.
• Gang-motivated.
• Criminal competition.
• Kidnap murder.
• Product tampering.
• Drug murder.
• Insurance/ inheritance.
• Felony-murder.
• Commercial profit .
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
“People do not normally kill you for doing their taxes, but forensic accounting is a whole new ballgame.”
Adam Piore, “Fraud Scene Investigator,”
March 20, 2008.
86

Red-Collar Crime
• A person who physically harms someone that may have, or is on the verge of detecting their fraudulent behavior.
• Fraud-detection homicide.
• Myth: White-collar criminals not violent criminals.
• Forensic accountants may be used in a homicide investigation when fraud detection may be the motive for the murder.
• Fraud-detection motive may be important when a prosecutor has weak direct evidence.
Source: F.S. Perri and T.G. Lichtenwald, “A Proposed Addition to the FBI
Criminal Classification Manual: FraudDetection Homicide,” The
Forensic Examiner , Winter 2007, pp. 18-30.
87

Tyco Prosecutor’s Closing Argument
“ Remember, these are two very, very smart men; they are not charged with being stupid men,” she said of Mr.
Kozlowski and Mr. Swartz.
“These crimes have an element of sophistication so you can be sure that when they were committing them they built in an element of deniability.”
She added: “Every good scheme has it.
That is how white-collar criminals work.”
• Mistrial on April 2, 2004.
Source: A.R. Sorkin, “Talk of Greed and Beyond at Tyco Trial,”
N.Y. Times , March 17, 2004, p. C-1.
88

Michael Comer’s Types of Fraud
1.
2.
3.
Corruptions (e.g., kickbacks).
Conflicts of interest (e.g., drug/alcohol abuse, part-time work).
Theft of assets.
4.
5.
False reporting or falsifying performance (e.g., false accounts, manipulating financial results).
Technological abuse (e.g., computer related fraud, unauthorized Internet browsing).
Comer’s Rule: Fraud can happen to anyone at anytime.
Source: M.J. Comer, Investigating Corporate Fraud ,
Burlington, Vt.: Gower Publishing Co., 2003, pp. 4-5.
89

* The sum of percentages in this chart exceeds 100% because several cases involved schemes from more than one category.
Source: 2010 Report to the Nations on Occupational Fraud and
Abuse, p. 13.
90

Source: 2010 Report to the Nations on Occupational Fraud and
Abuse, p. 12.
91

How Corruption Occurs
Category
Conflicts of
Interest
Bribery
Illegal Gratuities
Extortion
%
61.6%
42.7%
29.8%
16.9%
Source: 2006 Wells Report, ACFE.
92

Given the right pressures, opportunities, and rationalizations, many employees are capable of committing fraud.
Bev Harris says that fraudsters and embezzlers are the nicest people in the world:
Wide-eyed mothers of preschoolers. Your best friend. CPAs with impeccable resumes.
People who profess deep religious commitments. Your partner. Loyal business managers who arrive early, stay late, and never take a vacation. And sometimes, even
FAMILY MEMBERS. So if you’re looking for a sinister waxed mustache and shifty eyes, you’re in for a surprise – scoundrels come in every description.
Source: “How to Unbezzle A Fortune,” www.talion.com/embezzle.htm
, p. 1.
93

Starwoods Hotels Poll of Executives
401
99% Consider themselves to be honest in business
Played with someone who cheats at golf
Cheated themselves at golf
Hated others who cheated at golf
Believe that business and golf behaviors are parallel
87%
82%
82%
72%
Source: Del Jones, “Many CEOs Bend The Rules (of Golf),”
USA Today , June 26, 2002, p. A-1.
94




The Cost of Fraud
U.S. Organizations lose 5 percent of annual revenue to fraud and abuse (7% in 2008).
Fraud and abuse costs U.S. organizations more than $994* billion annually (about $6,860 per employee) in 2008. $712.8 billion in 2010.
The average organization loses more than $ 18.30
a day per employee due to fraud and abuse.
* $652 billion in 2006. $660 billion in 2004.
Global 2010, $2.9 trillion.
Source: 2008 and 2010 Wells Reports
95

The Trillion Dollar Gorilla
U.S. Business 1
Federal Government 2
State Government 3
Tax-exempts 4
Local Government 5
Annual Fraud ( trillion )
(in Billions)
$256.32
239.75
354.21
134.5
68.4
$ 1.053
1. 2002 Statistics of Income , $1,281.6 trillion time 20%.
2. $2.3975 trillion budget times 10%
3. $3,542.1 million times 10%
4. $897 billion in revenue times 15%.
5. $684.6 billion times 10%.
96

Employee Fraud = $ for $ reduction in net income
Suppose $100,000 bottom line reduction.
Suppose 20% profit margin
How much new revenue needed to offset the lost income?
$100,000 = $500,000
20%
So ACFE says $994 billion* lost per year
(2008).
$994 billion = $4.97 trillion needed
20% revenue
-----------------------------------------------------
The FBI estimates that white collar crime is $300 billion each year in the U.S.
97
* $652 billion in 2006.








Almost 90% of occupational frauds involve asset misappropriations .
Average length of a fraud scheme is 18 months .
Most common way of detecting occupational fraud is by tips from employees, customers, vendors, or anonymous sources.
Second way, by management review .
Third, internal controls (2 nd in 2004).
Fourth most common detection: By accident.
The most targeted asset is cash .
Source: 2010 Wells Report
98

Ernst & Young Study (2000)







Leading companies and public bodies in 15 (82) countries
More than 82% (50%) have been victims of fraud in the past year.
82% (84%) of total losses can be attributed to staff.
33% (50%) of the most serious frauds were committed by the organization’s own management.
Most with company more than 5 years (25% more than 10 years).
Theft of cash and purchasing schemes (i.e., employee kickbacks) constituted the majority of frauds.
Reasons: Poor internal controls and finance directors had a limited knowledge of internal controls.
99

Ernst & Young 2002 Survey
• More than
20 percent of the respondents were aware of fraud in their workplace.
• Nearly 80 percent would be willing to turn in a colleague thought to be committing a fraudulent act.
• Employers lose a staggering
20 percent of every dollar earned to some type of workplace fraud.
• More frequently committed frauds are theft of office items, claiming extra hours worked, inflating expense accounts, and taking kickbacks from suppliers.
•
Women are more likely than men to report fraudulent activities.
•
Older employees were more likely to report fraudulent activities than younger employees.
Ernst & Young. “American Works: Employers Lose 20 Percent of Every Dollar to Work Place Fraud.” (2002) Available at http://www.ey.com/global/Content.nsf/US/Media_Release_-_08-
05-02DC 100

Advantage of Compliance Spending
$1
$5.21
Source: Jonny Frank, “Fraud Risk Assessments,” Internal
Auditor , April 2004, p. 47.
101

Some Research on Fraud
Primary motivation to commit fraud [Dechow et al .]
1. Desire to obtain low-cost loans.
2. Weaker governance system.
3. Experience higher cost of capital after fraud discovered.
Summers and Sweeney [1998]:
In the presence of fraud, insiders reduce their holdings of company stock through high levels of selling activity.
Also, growth, inventory, and ROA differ significantly.
102

Some Research on Fraud (cont.)
Skousen and Wright [2008]
Five present proxies:
1. Rapid asset growth.
2. Increased cash needs and external financing.
3. Internal v. external ownership of shares and control of BOD.
Abbot et al . (2000)
1. Independence of the audit committee.
2. Frequency of audit committee meetings.
Dunn (2004)
1. Concentration of power in the hands of insiders.
103

Comparison of Selected Fraud Surveys
Type
Time Period
Number of participants
(population)
Response
Estimated fraud in U.S.
% of companies experiencing fraud
Highest fraud industry
KPMG
Questionnaire
2005-2006
4,056 (6,797)
Second highest fraud industry
Top – Fraud detection –
Tips
Fraud detection – Internal audits
Fraud detection – by accident
Some recover of fraud
Gender of perps - male
Likely age
Fraud by senior mgt.
Fraud by Accounting dept.
Fraud with undergraduate degree
Best control measure
Second best control measure
Not given
Not given
Not given
Not given
Not given
Not given
2005
3,634
PwC
Interview
ACFE
Questionnaire
2008-2009
1,843 (22,927)
59.7%
Not given
74% reporting misconduct
Public sector
Unknown
$1.7 million per company
8%
$2.9 trillion (global)
45% tangible fraud Unclear
Retail/ Consumers Banking/ Financial
Services
Financial Services Manufacturing Global
Manufacturers
Not given 28%
26%
37.8%
13.7% Not given
Not given 6% 9.3%
47%
87%
31-40 (38%)
24%
Not given
52%
External audits
Internal audits
57.9% [2008]
57.2%
42.8
Not given
24.0%
28.8%
Internal audit
Management review
104

Schemes Committed by Perpetrators in the
Accounting Department – 367 Cases
Source: 2010 Wells Report, ACFE.
105

Frequency of Anti-Fraud Controls*
* ”External Audit of F/S” = independent external audits of the organization’s financial statements
“Internal Audit / FE Department” = internal audit department or fraud examination department
“External Audit of ICOFR” = independent audits of the organization’s internal controls over financial reporting
“Management Certification of F/S” = management certification of the organization’s financial statements
Source: 2010 Wells Report, ACFE.
106

Frequency of Occupational Fraud Schemes
Source: 2010 Wells Report, ACFE .
107

Source: 2010 Wells Report, ACFE .
108

Importance of Control in Detecting or
Limiting Fraud
Source: 2010 Wells Report, ACFE .
109

Primary Internal Control Weakness
Observed by CFEs
Source: 2010 Wells Report, ACFE .
110

Primary Internal Control Weakness by Size of
Victim Organization
Source: 2010 Wells Report, ACFE .
111




Fraud's pervasiveness
 Over 43 percent of the companies interviewed reported suffering one or more significant economic crimes.


The average loss from fraud per company increased nearly 40 percent in two years from roughly US$1.7 million in 2005 to approximately
US$2.4 million in 2007.
Over 80 percent of our respondents who suffered fraud also stated that this had caused damage — or significant damage — to their business.
 No industry is immune from the threat posed by economic crime although different sectors are impacted by different types of fraud.
Management's impact
 The level of collateral damage is directly proportional to the seniority of the perpetrator. In 29 percent of the occasions where senior managers were involved, the collateral damage to the brand was very significant.
Controls and culture


Internal controls are not enough. An ethical corporate culture plays an equally important role in deterring fraud.
Companies with both ethical guidelines and compliance programs report suffering fewer economic crimes.
112

.

Emerging markets

Over 43 percent of the companies interviewed reported suffering one or more significant economic crimes in the past two years.


Companies in which parent and subsidiaries employed different accounting systems where more susceptible to fraud
( 61 percent of cases) than those operating a unilateral system ( 52 percent ).
E7 'experts' perceive significant risk associated with levels of corruption, staff integrity and legal environment in the emerging markets.


Actual levels of reported fraud in the E7 countries are consistently high in the area of asset misappropriation.
44 percent of IP infringement cases
(worldwide) that involved a perpetrator overseas involved a perpetrator from
China.
Source: PWC Global Economic Crime Survey
2007
97

Scienter Necessary

To prove any type of fraud, prosecutors must show that scienter was present.

That is, the fraudster must have known that his or her actions were intended to deceive.
-------------------------------------------------
The allure of numbers to most of us, is like the excitement of settling sand--a narcoleptic surety. Crafty criminals prey on this boredom. They pile on the numbers, spewing meaningless records in the false books.
Cory Johnson
114

Fraud
Legally, Black’s Law Dictionary defines fraud as:
All multifarious means which human ingenuity can devise, and which are resorted to by one individual to get an advantage over another by false suggestions or suppression of the truth, and includes all surprise, trick, cunning or dissembling, and any unfair way by which another is cheated.
The four legal elements to fraud are



A false representation or willful omission regarding a material fact.
The fraudster knew the representation was false.
The target relied on this misappropriation.

The victim suffered damages or incurred a loss.
---------------------------------------------------------------------
Institute of Internal Auditors definition:
Any illegal acts characterized by deceit, concealment, or violation of trust. These acts are not dependent upon the applications to obtain money, property, or services; to avoid payment or loss of services; or to secure personal or business advantage.
115

Some Fraud Definitions
The primary factor that distinguishes fraud from error is whether the underlying action is intentional or unintentional. Fraud is an intentional act that results in a material misstatement in financial statements that are the subject of an audit. Two types of misstatements are relevant to the auditor’s consideration of fraudmisstatements arising from financial reporting and misstatements arising from misappropriation of assets.
AICPA, SAS #99/ PCAOB
--------------------------------------------------
The deliberate misrepresentations of the financial condition of an enterprise accomplished through the intentional misstatement or omission of amounts or disclosures in the financial statements to deceive financial statement users.
ACFE
--------------------------------------------------
Fraud is any intentional act or omission designed to deceive others, resulting in the victim suffering a loss and/or the perpetrator achieving a gain.
Managing the Business Risk of Fraud: A Practical Guide, 2008, p.
5, IIA, AICPA, ACFE; http://www.acfe.com/documents/managingbusiness-risk.pdf.
116

Source: KPMG Fraud Study
117

Source: KPMG Fraud Study
118

Source: KPMG Fraud Study
119

Source: 2010 Wells Report, ACFE.
120

Source: 2010 Wells Report, ACFE.
121

Nature of Fraud Companies
•
•
•
•
Median assets and revenues just under $100 M
Median close to breakeven prior to fraud
Stock trading –50% on NASDAQ
Variety of industries




Computer hardware/software
Other manufacturing
Healthcare/health products
Retailers/wholesalers
Source: Beasley et al.
, Fraudulent Financial Reporting, 1998-
2007, COSO, 2010.
122

Auditor Characteristics
•
Mostly Big N auditors
•
Higher percentage of fraud firm audit reports were unqualified opinion with explanatory paragraph
- 56% for fraud firms vs. 36% for no-fraud firms
•
Limited analysis of SOX 404 reports
Source: Beasley et al.
, Fraudulent Financial Reporting, 1998-2007,
COSO, 2010.
123

Auditor Characteristics (cont.)
•
Rate of auditor changes surrounding fraud period twice the rate of change for no-fraud firms (26% vs. 12%)
•
Auditor named in 23% of fraud cases
32 of 83 cases –auditor charged with violating anti-fraud statutes aiding/ abetting violators
- Smaller auditors named more often
Source: Beasley et al.
, Fraudulent Financial Reporting, 1998-2007,
COSO, 2010.
124

Source: Beasley et al.
, Fraudulent Financial Reporting, 1998-2007,
COSO, 2010.
125

Alleged Perpetrators
•
89% of cases –CEO and/or CFO named
•
Motivations include meeting expectations, concealing deteriorating financial condition, preparing for debt/equity offering
Source: Beasley et al.
, Fraudulent Financial Reporting, 1998-2007,
COSO, 2010.
126

Nature of Fraud
•
•
•
•
•
•
•
•
•
Median fraud $12 M, mean fraud $400
M
Average length about 2.5 years, median
2.0 years
61% involve revenue recognition
Variety of techniques –fictitious, premature
51% overstated assets
Overvaluing existing assets (often inventory and A/R)
Capitalizing expenses
Misappropriation of assets –14%
Most precede SOX due to AAER time lag
Source: Beasley et al.
, Fraudulent Financial Reporting, 1998-2007,
COSO, 2010.
127

COSO’s Major Motives for Fraud
1.
2.
3.
4.
Cover up assets misappropriated for personal gain.
Increase the stock price to increase the benefits of insider traders and to receive higher cash proceeds when issuing new securities.
Obtain national stock exchange listing status or maintain minimum exchange listing requirements to avoid de-listing.
Avoiding a pretax loss and bolstering other financial results.
128

COSO Survey (1999)
• Financial pressures were important contributory factors for the commitment of financial statement fraud (FSF).
• Top executives (e.g., CEOs, CFOs) were commonly involved in FSF.
• The majority of alleged FSF were committed by small companies.
• Board of directors and audit committees of the fraud companies were weak and ineffective.
• Adverse consequences for fraud companies were bankruptcy, significant changes in ownership, and delisting by national stock exchanges.
• Cumulative amounts of FSF were relatively significant and large.
• More than half of the alleged FSF involved overstatement of revenues.
• Most FSF were not isolated to a single fiscal period.
• Fifty-five percent of the audit reports issued in the last year of the fraud period contained unqualified opinions.
•The majority of the sample fraud companies (56 percent) were audited by Big Eight/Big Five auditing firms.
129

Business Fraud Survey (1999)
1.
Nearly 15 percent reported management misappropriation as the greatest fraud risk to their organization.
2.
Sixty percent of the respondent reported their department’s fraud risk analysis process as being reactive in nature.
3.
The majority of respondents (72 percent) reported that their organization did not have fraud detection and deterrence programs in place.
4.
The majority of respondents (68 percent) reported that they never felt pressured to compromise the adherence to their organization’s standard of ethical conduct.
5.
The majority of the respondents reported their organization’s external auditors as being ineffective in preventing and detecting fraud .
6.
The majority of the respondents believed that more budgets should be devoted to fraud-related activities and training in department.
The Institute of Management and Administration (IOMA) and the Institute of Internal Auditors(IIA). “Business Fraud Survey.” (1999). Available at http://www.theiia.org
130

One Piece at a Time
131

One Piece At A Time
Well, I left Kentucky back in '49
An' went to Detroit workin' on a 'sembly line
The first year they had me puttin' wheels on cadillacs
Every day I'd watch them beauties roll by
And sometimes I'd hang my head and cry
'Cause I always wanted me one that was long and black.
One day I devised myself a plan
That should be the envy of most any man
I'd sneak it out of there in a lunchbox in my hand
Now gettin' caught meant gettin' fired
But I figured I'd have it all by the time I retired
I'd have me a car worth at least a hundred grand.
CHORUS
I'd get it one piece at a time
And it wouldn't cost me a dime
You'll know it's me when I come through your town
I'm gonna ride around in style
I'm gonna drive everybody wild
'Cause I'll have the only one there is a round.
So the very next day when I punched in
With my big lunchbox and with help from my friends
I left that day with a lunch box full of gears
Now, I never considered myself a thief
GM wouldn't miss just one little piece
Especially if I strung it out over several years.
132

One Piece At A Time
The first day I got me a fuel pump
And the next day I got me an engine and a trunk
Then I got me a transmission and all of the chrome
The little things I could get in my big lunchbox
Like nuts, an' bolts, and all four shocks
But the big stuff we snuck out in my buddy's mobile home .
.
Now, up to now my plan went all right
'Til we tried to put it all together one night
And that's when we noticed that something was definitely wrong .
The transmission was a '53
And the motor turned out to be a '73
And when we tried to put in the bolts all the holes were gone.
So we drilled it out so that it would fit
And with a little bit of help with an A-daptor kit
We had that engine runnin' just like a song
Now the headlight' was another sight
We had two on the left and one on the right
But when we pulled out the switch all three of 'em come on.
The back end looked kinda funny too
But we put it together and when we got thru
Well, that's when we noticed that we only had one tail-fin
About that time my wife walked out
And I could see in her eyes that she had her doubts
But she opened the door and said "Honey, take me for a spin."
133

One Piece At A Time
So we drove up town just to get the tags
And I headed her right on down main drag
I could hear everybody laughin' for blocks around
But up there at the court house they didn't laugh
'Cause to type it up it took the whole staff
And when they got through the title weighed sixty pounds
CHORUS
I got it one piece at a time
And it didn't cost me a dime
You'll know it's me when I come through your town
I'm gonna ride around in style
I'm gonna drive everybody wild
'Cause I'll have the only one there is around.
(Spoken) Ugh! Yow, RED RYDER
This is the COTTON MOUTH
In the PSYCHO-BILLY CADILLAC Come on
Huh, This is the COTTON MOUTH
And negatory on the cost of this mow-chine there RED
RYDER
You might say I went right up to the factory
And picked it up, it's cheaper that way
Ugh!, what model is it?
Well, It's a '49, '50, '51, '52, '53, '54, '55, '56
'57, '58' 59' automobile
It's a '60, '61, '62, '63, '64, '65, '66, '67
'68, '69, '70 automobile.
134

Missing Fraud
Auditors will continue to miss fraud because much of their work is predicted on the assumption that separation of duties prevents fraud (i.e., one person hold the money and another person keeps track of it). The Equity Funding case shakes the foundations of auditing in that so much is based on the assumption that people don’t collude very long. These people work together as an efficient team for a very long time [9 years].
Lee Seidler
-------------------------------------------
“When the sun goes down, then the sneaks will play at night.”
From Porter Wagoner “Sneaks Crawl at Night.”
135

The Perpetrators






First-time offenders (93% 2008).
Losses from fraud caused by managers and executives were 3.5 times greater than those caused by non-managerial employees [2002].
Losses caused by men were 3 times those caused by women [53% males];
[Male, 59.1%, 2008].
Losses caused by perpetrators 60 and older were 27 times those caused by perpetrators 25 or younger
[2002].
Losses caused by perpetrators with post-graduate degrees were more than 3.5 times greater than those caused by high school graduates
[2002].
Acted alone (63.9% in 2008).
Source: 2008/ 2002 ACFE Report
136


Embezzlement

Fraud

Forgery

Larceny – theft

Serial Killer (62)
41%
39%
36%
33%
20%
137









White-collar criminals have these characteristics:
Likely to be married.
Member of a church.
Educated beyond high school.
No arrest record.
Age range from teens to over
60.
Socially conforming.
Employment tenure from 1 to
20 years.
Acts alone 70% of the time.
Source: Jack Robertson, Fraud Examination for
Managers and Auditors (1997).
138

Other Characteristics of Occupational Fraudsters :







Egotistical
Risk taker
Hard Worker
Greedy
Disgruntled or a complainer
Overwhelming desire for personal gain
Pressured to perform
 Inquisitive
 Rule breaker
 Under stress

Financial need

Big spender

Close relationship with vendors / suppliers
Source: Lisa Eversole, “Profile of a Fraudster,” Some Fraud
Stuff, http://www.bus.lsu.edu/accounting/faculty/lcrumbley/fraudste r.html
139

Robert J. Lindquist
- D. Larry Crumbley
- Michael J. Comer
140

“Finding fraud is like trying to load frogs on to a wheelbarrow.”
Larry Crumbley
It’s easy to fall in love;
It’s easy to commit fraud;
It’s hard to catch the fraud.
141

D. Larry Crumbley
* PH2000 mechanical chicken harvester.
Scott Kilman, “Poultry in Motion: Chicken
Catching Goes High Tech,” Wall Street
Journal, June 4, 2003, p. A-1. Human can catch about 1,000 an hour. $200,000 cost.
142

How Fraud Is Detected
2.
3.
1.
2.
Tips
Management review
By accident
Internal audit
2010 2008 2006
40.2%
15.4%
46.2% 34.2%
8.3% 20% 25.4%
13.9% 19.4% 20.2%
4.
5.
6.
Internal controls
External audits
Notification by police
NA
4.6%
1.8%
23.3%
9.1%
3.2%
Source: 2008/ 2006/ 2004 Wells Reports, ACFE.
19.2%
12.0%
3.8%
A British publication suggests that prosecutors think that accountants have x-ray vision. “It is assumed that if an accountant stares really hard at a set of accounts, then somehow, magically, information will appear before his/ her eyes that are invisible to lesser mortals.”
NIFA News, Number 10, p.1.
143

Sources of Tips
Employee
Customer
Vendor
Shareholder/ owner
Anonymous
Competitor
2008 2006
57.7% 64.1%
17.6% 10.7%
12.3% 7.1%
9.2% NA
8.9% 18.1%
1.0% NA
Source: 2008/ 2006 Wells Report, ACFE.
144

Tips Are Important
Some of the biggest recent accounting scandals (e.g., HealthSouth, Xerox, Waste
Management) involve situations where the auditors were tipped off or otherwise alerted to possible frauds but they failed to investigate them deeply enough.
In her book Power Failure , Sherron
Watkins says she talked to Jim Hecker, at
Arthur Andersen, on the phone about the dangers of the Raptors and Fastow’s inherent conflict. Hecker wrote a memo to the files and forwarded copies to David
Duncan and Enron’s audit partner, Debra
Cash. His note: “Here is my draft memo, for your review, for ‘smoking guns’ that you can not extinguish.” p. 285.
145

Finding Fraud In The Midst of a Conspiracy
When speaking about the fraud of HealthSouth, a spokesman for Ernst & Young emphasized the difficulty of detecting accounting fraud in the midst of a conspiracy of senior executives and false documentation.
An accountant testified that HealthSouth employees would move expenses of $500 to $4,999 from the income statement to the balance sheet throughout the year. Overall the SEC said about
$1 billion in fixed assets were falsely entered. The employees moved only those expenses less than
$5,000 , because Ernst & Young automatically looked at those expenses over $5,000.
An ex-bookkeeper even sent Ernst & Young an email flagging one area of the fraud, but E & Y still did not catch it. Employees actually produced false invoices when the accounting firm asked for back-up.
Source: Charles Mollenkamp, “Accountant Tried in Vain to Expose
HealthSouth Fraud,” Wall Street Journal , May 20, 2003, pp. A-1 and A-13.
146

D
.
Larry Crumbley
--------------------------------------------
Source: Robert J. Lindquist
-------------------------------------------------------
D. Larry Crumbley
147

Difficult Task
More forensic techniques should become a part of both external and internal auditing. But Stephen Seliskar says that “in terms of the sheer labor, the magnitude of effort, time and expense required to do a single, very focused [forensic] investigation
-- as contrasted to auditing a set of the financial statements -- the difference is incredible.” It is physically impossible to conduct a generic fraud investigation of an entire business.
Source : Eric Krell, “Will Forensic Accounting Go
Mainstream?” Business Finance Journal , October 2002, pp. 30-34. www.investigation.com/artilces/library/2002Articles/15.ht
m .
148

Stealth
Once a forensic accountant [e.g., Cr.FA,
CFE, CFFA] is engaged, Michael Kessler says that they should not be disruptive.
Most employees are not aware that an investigation is taking place. We go in as just another set of auditors, favoring a
Columbo-esque investigative style. “We don’t wear special windbreakers that say
‘forensic accountant.’”
Source: Eric Krell, “Will Forensic Accounting Go
Mainstream?” Business Finance Journal , October 2002, pp. 30-34. www.investigation.com/articles/library/2002Articles/15.ht
m
149

Kessler Survey (2001)

About 13% of employees are fundamentally dishonest .

Employees out-steal shoplifters.

About 21% of employees are honest .

But 66% are encouraged to steal if they see others doing it without repercussion.
Source: “Studies Show 13% of employees are fundamentally dishonest,” KesslerNews, November 1, 2001, www.investigation.com/articles/library/2001articles .
---------------------------------------------------------------------------------------



30% of people in U.S. are dishonest.
30% situational dishonest.
40% are honest all of the time.
Source: R.C. Hollinger, Dishonesty in the Workplace , Park Rider, N.Y.:
London House Press, 1989, pp. 1-5.
150

Store Theft Costs ($42.2 billion)

Retail crime over past year (11/10/09) cost to average family $435 in the U.S.

Employee theft, $18.7 billion.

Shoplifting cost sellers, $15 billion.

Others, $6.8 billion.

Total retail crime rose 5.9% to $115 billion.
P.B. Kavilanz, “Store Theft Cost to Your
Family: $435,” cnnmoney.com, November
10, 2009.

Richard Davis says there is no psychometric way to measure integrity, so forget about personality tests to pick the fraudsters. They are easily faked.
He is more hopeful about new methods involving microexpressions , or those brief facial expressions that may reveal a person’s predisposition to fraud.
Watch “Lie to Me.”
Source: S.L. Mintz, “The Gauge of Innocence,” CFO , April 2009, p. 57.
152

Little Has Changed: CFO Survey



Nearly half of CFOs – 47 percent – report they still feel pressure from their superiors to use aggressive accounting to make results look better.
What is worrisome is that the pressure to make the numbers hasn’t abated much. Of these who have felt pressure in the past, only 38 percent think there is less pressure today than there was three years ago, and
20 percent say there is more .
Few finance executives have much confidence in the numbers their colleagues are reporting. Only 27 percent say that if they were investing their own money, they would feel “very confident” about the quality and completeness of information available about public companies.
Source: Don Durfee, “It’s Better (and Worse) Than You Think,” CFO Magazine, May 3, 2004 .
153

Some Infamous Financial Statement Frauds

Tyco
•
Large interest-free loans to officers; then forgiven ($87.1 million).
•
•
•
•
•
•
Unauthorized bonuses (no approval of BOD).
Fake documents showing no loans outstanding.
SEC found that PwC had prior knowledge of fraud back to 1998.
Undisclosed real estate transaction with related parties.
False entries in books to cover-up bribes given to foreign officials.
If numbers did not meet expectations, Richard Scrushy told employees to “fix them.”

Adelphia [Greek for brothers]
•
•
•
Moved debt to subsidiaries which were not consolidated.
Personal loans to the Rigas family (self-dealing).
Falsified operations statistics and inflated earnings.

Xerox
•
Accelerated revenues from leasing equipment.
•
Cookie jar reserves.

Sunbeam
•
•
•
•
Cookie-jar restructuring reserves.
Channel stuffing.
Guaranteed sales.
Improper bill and hold.
154

Some Infamous Financial Statement Frauds

Waste Management
•
Reduced depreciation expense by inflating salvage value and extending useful lives.
•
•
•
No write-offs for unsuccessful land projects.
Improperly capitalized a number of expenses.
Made top drawer adjustments.

HPL Technologies (2001-2002)
•
•
•
Created many fake purchase orders from Canon sales (a
Japanese distributor). Printed and pasted Canon signatures on the documents.
Altered bank records to create millions of dollars in nonexistence customer payments.
Borrowed millions from his brokerage account (secured by HPL stock) and channeled the funds into the company in the form of payments.

Baptist Foundation of Arizona
•
•
•
•
Set up subsidiaries owned by insiders to buy real estate (which had crashed in value) from BFA.
BFA then recorded notes receivables in the amount of the book values.
Ran a ponzi scheme using new investors’ money to pay old investors high returns.
Refused to give Arthur Anderson financial statements of the subsidiaries.
155

D.R. Cressey’s Fraud Pyramid
Don’t think you’re the only ones
Who bend it, break it, stretch it some.
We learn from you.
Girls lie, too
Terri Clark
156

Incentives / pressures
Attitude /
Rationalization
Opportunity
157




Motive

Excessive spending to keep up appearances of wealth.



Other, outside business financial strains.
An illicit romantic relationship.

Alcohol, drug or gambling abuse problems.
Opportunity
Lack of internal controls.

Perception of detection = proactive preventative measure.
Rationalization (reduces offender’s inhibitions)

“Borrowing” money temporarily.


Justifying the theft out of a sense of being underpaid . (“I was only taking what was mine.”)
Depersonalizing the victim of the theft. (I wasn’t stealing from my boss; I was stealing from the company.”)
158

Psychology of Fraud




Fraud can be explained by three factors:
•
•
•
Supply of motivated offenders.
Availability of suitable targets.
Absence of capable guardians (e.g., internal controls).
The three B’s -- babes, booze, and bets.
Some fraudsters wish to make fools of their victims. They take delight in the act itself.
Risk of fraud is a product of both personality and environmental (or situational) variables.
Grace Duffield and Peter Grabosky, “The Psychology of Fraud,” Australian
Institute of Criminology, No. 19.
159

A 2007 study discovered that the primary reasons for fraud are
“pressures to do whatever it takes to meet goals” (81 percent of respondents) and “to seek personal gain” (72 percent).
Many respondents indicated that “they do not consider their actions fraudulent” (40 percent) as a reason for wrongful behavior.
Source: Oversight Systems Report on Corporate Fraud,
2007, www.oversightsystems.com; Managing the Business
Risk of Fraud: A Practical Guide, IIA, AICPA, ACFE; http://www.acfe.com/documents/managing-businessrisk.pdf, 2008, p. 6.
160

The Fraud Diamond
Incentive/ Pressures
Capacity Opportunity
Rationalization/ Integrity
Capacity: Necessary traits; abilities; can pull it off; positional authority
D.T. Wolfe and D.R. Hermanson, “The Fraud Diamond:
Considering The Four Elements of Fraud,”
The CPA J.
,
December, 2004, pp. 38-42.
161

Personal
Greed
The Fraud Pentagon
Pressure
Opportunity
Employee
Disenfranchisement
Rationalization
Source: P.D. Goldmann, Fraud in the Markets , John Wiley &
Sons, 2010, pp. 24-25.
162

Behavioral psychologists call this rationalization “reframing,” where someone who is about to cheat will adjust the definition of cheating to exclude his or her actions.
Dan Ariely says “people who would never take $5 from petty cash have no problem paying for a drink for a stranger and putting it on a company tab.”
Source: S.L. Mintz, “The Gauge of Innocence,”
CFO , April 2009, p. 56.
163

Rationalization
Sherron Watkins provides an excellent comment about rationalization with respect to
Enron’s Jeff Skilling and Andy
Fastow.
At what point did they turn crooked? “But there is not a defining point where they became corrupt. It was one small step after another, with more and more rationalizations. There was a slow erosion of values over time.”
Source: Pamela Colloff, “The Whistle-
Blower,” Texas Monthly , April 2003, p. 141.
164

Greed
“ I don’t see many ways to eliminate greed; it is an inherent part of the human character. So antifraud measures must be aimed at educating people on the risks and the type of technical controls that they can implement.”
Alan Oliphant
Source: David G. Banks, “The Fight Against
Fraud,” Internal Auditor , April 2004, pp.
36-37.
-------------------------------------------------
“It was definitely the perfect fraud……..
unfortunately they hired the perfect investigator.”
Cartoon in M.J. Comer’s book
165

Example of Greed (or Incentive)

Three Duke Energy employees were charged in April 2004 for allegedly ginning up
“phony electricity and material-gas trades to boost trading volumes” and inflating “profits in a trading book that was the basis of their annual profits.”

“The trading schemes are alleged to have inflated their bonuses by at least $7 million” between March 2001 and May 2002. There were 400 rigged trades that produced a $50 million profit in the trade books.

Duke used mark-to-market accounting to record profit and loss contracts that might not be settled for years.

So called “round-trips trades (or wash sales) were used to jack up reported trading volumes.
Source: Rebecca Smith, “Former Employees of Duke Charged Over Wash
Trades,” WSJ, April 22, 2004, p. A-15.
166










KPMG’s Causes or Indicators of Fraud
(1998)
Personal financial pressure.
Substance abuse.
Gambling.
Real or imagined grievances.
Ongoing transactions with related parties.
Increased stress.
Internal pressures to meet deadlines/budgets.
Short vacations.
Unusual hours.
Source: KPMG’s 1998 Fraud Survey
I’m gonna keep follow’ a feelin.’
Till I find what I’m looking for.
Austin Sherrie
167




85% of fraud victims never get their money or property back.
Most investigations flounder, leaving the victims to defend for themselves against counter-attacks by hostile parties.
30% of companies that fail do so because of fraud.
Source: Michael J. Comer, Investigating
Corporate Fraud , Burlington, VT: Gower
Publishing, 2003, p. 9.
168

2.
3.
4.
5.
1.
6.



Smaller firms have incurred higher SOXrelated costs.
Larger increase in audit fees – ineffective internal controls.
Complex standards affect smaller firms because they lack in-house staff.
Larger firms stopped working with smaller firms.

Larger non-audit fees.
Directors fees much higher.
Potential benefits for smaller firms are higher for small firms.
Overall, SOX imposes a net loss on all firms.
CEOs and CFOs spent as much as 90% of their time on compliance, forcing them to defer investments.
SOX reduced the value of small firms—no effect or positive for large firms.
Source: E. Kamar, P.K. Mandic, and E. Talley, “SOX’s Effects on
Small Firms: What Is the Evidence?” June 2007.
169

Sarbanes-Oxley Act Creates Need For
Forensic Accounting
1.
2.
To assist corporations in their quest to ensure compliance with the mandates of S-O.
Public accounting firms must introduce forensic techniques into audits, and they may request help from forensic experts .
-------------------------------------------------
Robbers do not need guns. Pencil and paper will do. Opportunity and greed are thievery’s driving forces. Put enough zeroes behind a number, and it’s amazing how flexible morals become. How many years in prison would you do to accumulate a half a billion dollars in your bank account?
John H. Bolt
170

Section 404-Sarbanes-Oxley
 Beginning June 2004, large companies must have in place tight internal controls, assess the effectiveness of these controls annually (and issue a report of their effectiveness), and pay for an independent assessment by external auditors.
 Need an internal control framework (e.g., COSO or similar).


Companies are paying steep fees to fund the PCAOB.
Audit fees have increased by as much as 30% since S/O.
171

Six-Legged Table of Financial Statements
Audit
Committee
Board of Directors
Top
Manageme nt
PCAOB and
SEC
External
Auditor
Internal
Auditors
In a baseball analogy, think of the pitcher as the auditee, the catcher as the internal auditor, the manager as top management, the scorekeeper as the external auditor, and the umpire would be PCAOB (SEC).
The scoreboard could be the general ledger.
The Big “R”
172

Parallel Universe: Two Opinions
External auditors must do a regular audit of a company (e.g., financial statements are fairly stated) and must also audit the internal controls that are to ensure that the financial statements are accurate (e.g., issue two opinions).
Prior to the external auditors’ arrival, the company itself must review its internal controls and issue a report on the effectiveness of these controls.
There will be two external opinions: on management’s assessment of the internal controls over financial reporting and another one on the effectiveness of the internal controls themselves (e.g., statements are fairly stated).
PCAOB Release 2004-001.
173

Anti-Fraud Strategy





The company’s stance on fraud and other breaches of the ethical code.
What will be done and by whom in the case that frauds or other breaches are suspected.
The key initiatives which the company proposes;
Who will lead these initiatives.
Clear deadlines and measures for monitoring effectiveness of implementation.
Source: David Davies, Fraud Watch , 2 nd Edition., London, ABG
Professional Information, 2000, p. 77.
174

Anti-Fraud Program
An auditor must perform
“company-wide anti-fraud programs and controls and work related to other controls that have a pervasive effect on the company, such as general controls over the company’s electronic data processing.”
Further, the auditor must
“obtain directly the ‘ principal evidence ’ about the effectiveness of internal controls.”
PCAOB endorses the COSO
Cube
[pp. 24-26 and A-25 and A-26]
Source: PCAOB Release 2004-001.
175

Frameworks Being Used by CFOs
• COSO 82%
• Auditing Standard No. 2 [now #5] 28%
• COBIT (Control/ Objectives
33% for Inf./ Related Technology)
•
SAS 55/78 (AICPA)
•
Others
13%
2%
Source: Helen Shaw, “The Trouble with COSO,” CFO, March
2006, p.75.
176

(5 components of internal controls)
177

HIERARCHY OF INTERNAL CONTROL NEEDS
178

1.
2.
3.
4.
5.
Control environment – management’s attitude toward controls, or the “tone at the top.”
Risk assessment – management’s assessment of the factors that could prevent the organization from meeting its objectives.
Control activities – specific policies and procedures that provide a reasonable assurance that the organization will meet its objectives. The control activities should address the risks identified by management in its risk assessment.
Information and communication – system that allows management to evaluate progress toward meeting the organization’s objectives.
Monitoring – continuous monitoring of the internal control process with appropriate modification made as deemed necessary.
www.erm.cosous.org
179

COSO New Cube: Enterprise Risk Management
Source: erm.coso.org. See Apostolou and Crumbley, “ Sarbanes-Oxley
Fall-out Leads to Auditing Standards No. 2: Importance of Internal
Controls,”
The Value Examiner , November/December 2004, pp. 55-60.
180

Management Control Philosophy




Fraudulent Financial Reporting more likely to occur if
Firm has a poor management control philosophy.
Weak control structures.
Strong motive for engaging in financial statement fraud .

Poor management philosophy:



Large numbers of related party transactions.
Continuing presence of the firm’s founder.
Absence of a long-term institutional investor.
Source: Paul Dunn “Aspect of Management Control Philosophy that contributes to fraudulent Financial Reporting,” Journal of Forensic
Accounting, Vol. IV (2003), pp. 35-60
181


Segregation of Accounting Duties


Effective segregation of accounting duties is achieved when the following functions are separated:



Authorization —approving transactions and decisions.
Recording —Preparing source documents; maintaining journals, ledgers, or other files; preparing reconciliations; and preparing performance reports.
Custody —Handling cash, maintaining an inventory storeroom, receiving incoming customer checks, writing checks on the organization’s bank account.
If any two of the preceding functions are the responsibility of one person, then problems can arise.
Source: Accounting Information Systems, 10e
Romney/Steinbart, PH
182

Segregation of Duties
•
Person in charge of receiving cash or custody of cash should not be in charge of accounting for it.
•
Treasurer should receive cash receipts.
•
Controller should account for it
(with bank reconciliations).
183

Segregation of Duties (cont.)
Example: President’s secretary kept the books, received the bank statements, and did the reconciliations.
•
Found checks that agreed in detail with disbursement journal, except dates on front and clearance dates on back.
•
Check numbers in current year were in the same number sequence as past year.
•
She wrote herself a check but pulled it and replaced it with a previous year valid check.
184

Gross Profit Analysis
•
Bar was experiencing a lower gross margin on drink.
•
One Sunday evening secretly marked the levels of each bottle of wine and liquor.
•
Once the levels of the bottles were checked in a few days and the number of drinks poured were calculated, the skimming bartenders were caught.
185

A major step in a forensic audit is to conduct a risk assessment, which entails a comprehensive review and analysis of program operations in order to determine where risks exists and what those risks are.
Any operation developed during the risk assessment process provides the foundation or basis upon which management can determine the nature and type of corrective actions needed.
A risk assessment helps an auditor to target high-risk areas where the greatest vulnerabilities exist and develop recommendations to strength internal controls
Source: B.l. Derby, “Data Mining for Improper Payments,”
Journal of Government Management, Winter 2003,
Vol.52, No. 4, pp. 10-13.
186

Ernst & Young report found that organizations that had not performed fraud vulnerability reviews were almost two-thirds more likely to have suffered a fraud within the past 12 months.
J.W. Koletar, p. 167.
A company should have a fraud risk assessment performed of their controls, procedures, systems, and operations. J.W.
Koletar, p. 166.
Sources: J.W. Koletar, Fraud Exposed, John Wiley &
Sons, 2003
187

Three Key Elements: Fraud Risk Assessment
• Identify inherent fraud risk — Gather information to obtain the population of fraud risks that could apply to the organization. Included in this process is the explicit consideration of all types of fraud schemes and scenarios; incentives, pressures, and opportunities to commit fraud; and IT fraud risks specific to the organization.
• Assess likelihood and significance of inherent fraud risk —
Assess the relative likelihood and potential significance of identified fraud risks based on historical information, known fraud schemes, and interviews with staff, including business process owners.
• Respond to reasonably likely and significant inherent and residual fraud risks — Decide what the response should be to address the identified risks and perform a cost-benefit analysis of fraud risks over which the organization wants to implement controls or specific fraud detection procedures.
Source: Managing the Business Risk of Fraud: A Practical Guide, IIA,
AICPA, ACFE; http://www.acfe.com/documents/managingbusiness-risk.pdf, 2008, p. 20.
188

Important Elements: Fraud Risk Program











Roles and responsibilities (e.g., BOD, audit committee, management, staff, internal auditing department).
Commitment (e.g., code of conduct).
Fraud awareness (e.g., periodic assessment, training and communication).
Affirmation process (e.g., acknowledgement of the code).
Conflict disclosure (by executives, employees, and contractors).
Fraud risk assessment.
Reporting procedures and whistleblower protection.
Investigation process (documented protocol).
Corrective action (civil, criminal action, disciplinary).
Quality assurance.
Continuous monitoring.
Source: Managing the Business Risk of Fraud: A Practical Guide, IIA, AICPA,
ACFE; http://www.acfe.com/documents/managing-business-risk.pdf,
2008, p. 6.
189

Mary Ben Jane Sam
Controls
Cash
Entries in
Books
Deposits
Checks
Does
Reconciling
Controls
Accounts
Receivable
X
X X X
X
X
X
X
X
X X X
190

1.
2.
3.
191

See COSO, “Guidance for Smaller
Public Companies,” www.ic.coso.org
192

1.
2.
3.
4.
5.
6.
7.
Failure to coordinate or integrate the
AS2 audit of internal controls with the financial audit.
Doing detail testing before the top down audit looking for the high risk areas (e.g., fishing).
Inadequate consideration of the unique risk factors of the company
(e.g., avoid the checklist mentality).
Do not audit the low risk areas.
Inefficient walkthroughs of transaction controls.
Too little reliance on others.
Insufficient evaluation of compensating controls when there is a discovery of control deficiencies.
Inadequate testing of controls over financial statement presentation and disclosures.
193

GAP Analysis
194

SAS No. 99 Types of Fraud
Unlike errors, fraud is intentional and most often involves deliberate concealment of facts by management, employees, or third parties

Fraudulent Financial Reporting: does not follow GAAP (e.g., recording fictitious sales)

Misappropriation of Assets: embezzling receipts, stealing assets, or causing an entity to pay for goods or services that have not been received.
Often accomplished by false or misleading records or documents, possibly created by circumventing internal controls.
195

Fraudulent financial reporting may occur by the following:


Manipulation, falsification, or alteration of accounting records, or supporting documents from which financial statements are prepared.
Misrepresentation in or intentional omission from the financial statements of events, transactions, or other significant information.

Intentional misapplication of accounting principles relating to amounts, classification, manner of presentation, or disclosure.
Source: SAS No. 99, “Consideration of Fraud in a
Financial Statement Audit,” New York: AICPA
196

Falsification
Enron’s crude oil trading operation based in
Valhalla, New York was fictitious, according to one auditor. “It was pretend. It was a playhouse. There were a lot of expensive people working there, and it was impressive looking, but it wasn’t legitimate work.
The traders were keeping two sets of books, one for legitimate purposes – to show Enron and auditors from Arthur
Andersen – one other set in which to record their ill-gotten gains.
Source: Mimi Swartz and Sherron Watkins, Power
Failure , New York: Doubleday, 2003, p.31.
197

SAS No. 99 Ways to Overcome the Risk of
Management Override of Controls



198

Parmalat Deceptions








Parmalat, an Italian diary company, had a nonexistence Bank of America bank account worth $4.83 billion . A SEC lawsuit asserts that Parmalat “engaged in one of the largest and most brazen corporate financial frauds in history.”
Apparently, the auditors Grant Thornton relied on a fake Bank of America confirmation prepared by the company.
SAS No. 99 does not prohibit clients from preparing confirmations.
The fraud continued for more than a decade. At least $9 billion unaccounted for.
Therefore, the audited company should not be in control of the confirmation process.
The owner treated the public company as if it was his own bank account.
An unaware phone operator was the fake chief executive of more than 25 affiliated companies.
Some $3.6 billion in bonds claimed to be repurchased had not really been bought.
199




Examples
Enron issued $1.2 billion of stock to special purpose entities and recorded a
$1.2 billion notes receivable (rather than a contra account to stockholders equity).
Both assets and owners equity were overstated by $1.2 billion.
HealthSouth allegedly overstated profits by at least $14 billion by billing Medicare for physical – therapy services the company never performed. The company submitted falsified documents to
Medicare to verify the claims over 10 years.
E&Y collected $2.6 million from
HealthSouth (as audit-related fees) to check the cleanliness and physical appearances of 1,800 facilities. A 50point checklist was used by dozens of junior-level accountants in unannounced visits. For 2000, E&Y audit fee, $1.03
million; other fees, $2.65 million.
200






Embezzlement and Slush Funds
Chung Mong-Koo, chairman of Hyundai
Motor , South Korea’s largest carmaker, was sentenced to three years in prison in
February 2007, for embezzlement, breach of trust, and secretively setting up slush funds.
Mr. Chung embezzled about $100 million of company funds and inflicted about $224 million of damage on group affiliates during rights issues.
Convicted of using deals to boost his financial gains and those of his son, who runs affiliate Kia Motors.
Welcomed by corporate governance campaigners which showed that Korea would no longer tolerate chaebol owners using their companies to pursue their personal interests.
Although he owned only 5%, he ran it as a family business . Employees were terrified of him. Whistleblower alerted authorities of the slush funds.
Song Jung-a, “Hyundai Chief’s Prison Term Compounds Woes of Car
Giant,” Financial Times , February 6, 2007, p. 15.
201

Easiest Way to Cook the Books?
A large number of financial frauds are accomplished by simply booking late entries.
Thomas Ray, chief auditor of PCAOB: “It’s the easiest way to commit fraud.”
Ray: “It’s the easiest to find.”
But Dell, Inc. cooked the books for four years without PwC’s knowledge.
Source: “Auditors Told to Go Harder on Fraud,” Financial
Week, December 17, 2007. http://www/financialweek.com/apps/pbcs.dll/article?AID=/2
007121...
202

Journal Entries at Year End: Those Magic Changes
 Apparently, Arthur Andersen was given limited access to the general ledger at
WorldCom, which had a $11 billion fraud
(largest accounting fraud in history). Most of the original entries for online costs were properly placed into expense accounts.
 However, near the end of the period these entries were reversed . One such entry was as follows:
Other Long-term Assets $629,000,000
Construction in Progress $142,000,000
Operating Line Costs
$771,000,000
The support for this entry was a yellow postit note .

WorldCom’s outside auditors refused to respond to some of Cynthia Cooper’s questions and told her that the firm had approved of some of the accounting methods she questioned.
203

Those Magic Changes: Yellow Peril
 Fourth Quarter of 1999: "The $239 million
[international line cost accrual release] was entered in WorldCom's general ledger ... The only support recorded for the entry was
'$239,000,000,' written on a Post-it Note and attached to a printout of the entry."
 Third Quarter of 2001: "Myers gave Sethi a Postit Note that said 'Assume $742 million.' Later,
Myers and Sethi had a conversation confirming that $742 million identified on the Post-it Note was the line cost capitalization entry for the quarter.” http://thestreet.com/pf/markets/dumbestgm/10093441.html
-----------------------------------------------------
Those Magic Changes
“Oh my heart arranges, oh those magic changes, oooh yeah.”
Grease
204

Yellow Peril
 First Quarter of 2002: "In Capital Reporting,
Myers told Sethi to go see Vinson, who would have the amount to be capitalized. When Sethi did so, Vinson handed him a Post-it Note that had the $818 million adjustment on it. Brian Higgins once again refused to make the necessary allocation for the first-quarter 2002 capitalization entry . Despite his growing concerns, Sethi made the allocation because he was concerned that his immigration status would be jeopardized if he lost his job."
 First Quarter 2002: "$109.4 million was taken from the general accrual account that Vinson set up and reclassified to several SG&A balance sheet accounts in five large, round-dollar amounts. The only supporting documentation that we were able to locate for these entries was a
Post-it Note listing the various SG&A accounts and the amounts that should be taken from the
Vinson account." http://thestreet.com/pf/markets/dumbestgm/10093441.html
205

Cooking-the-Books Often Collaborative
Effort
•
For restatements between January 1,
1997 to June 30, 2002, 45% were accused of securities fraud and subject to shareholder suits.
•
Average of 7 individuals were implicated, including
CEOs
CFOs
COOs
General counsel
Directors
Internal/external auditors
Source: Robert Tillman and Michael Indergaard, Control Overrides in Financial Statement Fraud.
206

WorldCom Fraud Massive






At least 40 people knew about the fraud.
They were afraid to talk.
Scott Sullivan handed out $10,000 checks to 7 involved individuals.
Altered key documents and denied
Andersen access to the database where most of the sensitive numbers were stored.
Andersen did not complain about denied access.
Company officials decided what tax rates they wanted and then used the reserves to arrive at the tax rates.
Source: Rebecca Blumenstein and Susan Pullian,
“WorldCom Fraud Was Widespread,” Wall
Street J.
, June 10, 2003, p. 3.
207

WorldCom Fraud Massive (contd.)



David Schneedan, CFO at a division, refused to release reserves twice.
E-mail from David Myers, WorldCom comptroller, to Schneedan:
“I guess the only way I am going to get this booked is to fly to DC and book it myself. Book it right now; I can not wait another minute.”
Buddy Gates [director of general accounting] said to an employee complaining about a large accounting discrepancy:
“Show those numbers to the damn auditors, and I’ll throw you out the f_____ window.”
Source: Rebecca Blumenstein and Susan Pullian,
“WorldCom Fraud Was Widespread,” Wall Street J.
,
June 10, 2003, p. 3.
208

Contrasting Auditing, Fraud Examination, &
Forensic Accounting
Source: G.
S. Smith and D.L. Crumbley, “ Defining a Forensic
Audit ,” Journal of Digital Forensics, Security, and Law , 2009,
Vol. 4, No. 1, p. 69.
Auditing is a macro process, and forensic accounting is a micro process.
209

Financial Audit v. Forensic Audit
The typical financial audit is a sampling activity that doesn’t look at every transaction and can therefore be exploited by someone who knows how to rig the books.
Forensic accounting focuses on a specific aspect of the books and examines every digit. While the average accountant is trying to make everything add up, a forensic accountant is performing a detailed financial analysis to find out why everything doesn’t or shouldn’t add up.
It’s a far more time-consuming enterprise and can be significantly more expensive than regular auditing work.
Jake Poinier, “ Fraud Finder,”
Future Magazine , Fall 2004, http://www.phoenix.edu/students/future/oldissues/Winter2004/fra ud.htm
210

Ronald L.
Durkin suggests the following differences in a forensic audit versus a traditional audit:
•Not limiting the scope of the engagement based upon materiality.
•Not accepting sampling as evidence.
•Not assuming management has integrity.
•Seeking the best legal evidence.
•Melding the requirements of the evidential matter standard with the rules of evidence.
Source: R.L. Durkin, “Defining the Practice of Forensic
Accounting,” CPA Expert , Special Edition, 1999.
211

Two practitioners have suggested these additional procedures may be used in a forensic audit:
•Extensive use of interviews and leveraging techniques designed to elicit sufficient information to prove or disprove a hypothesis.
•Document inspection that may extend to authentication procedures and handwriting analysis.
•Significant public records search to uncover, for example, unexpected title or ownership, other known addresses, and prior records of individuals.
•Legal knowledge regarding rules of evidence including chain of custody and preservation of evidence integrity.
Source: Annett Stalker and M.G. Ueltzen, “An Audit Versus A
Fraud Examination,” CPA Expert, Winter 2009, p. 4.
212

Pre SAS 99
Consulting
Standards
Auditing
Standards
Traditional
Investigation
Traditional
Audit
Consulting
Standards
Post SAS 99
Auditing
Standards
Traditional
Investigation
Forensic
Procedures in the Audit
Environment
SAS 99
Source:AICPA, “Forensic Services, Audits, and Corporate
Governance: Bridging the Gap,” Discussion Memorandum,
2004.
213

Steps Toward Forensic Audit




Traditional audit [forensic techniques & fraud prevention program].
If suspect fraud, bring in-house forensic talent into the audit.
If no in-house talent or fraud complex, engage an outside forensic accountant (e.g., Cr.FA,
CFFA, or CFD).
As audit moves toward forensic investigation, auditor must comply with litigation services standards (consulting).
214

Inexperienced Forensic Auditors

Find out who did it. Do not worry about all the endless details.

Be creative, think like the fraudster, and do not be predictable. Lower the auditing threshold without notice.

Take into consideration that fraud often involves conspiracy.

Internal control lapses often occur during vacations, sick outages, days off, and rest breaks, especially when temporary personnel replace normal employees.
H. R. Davia, Fraud 101, New York: John Wiley & Sons, 2000, pp.
42-45.
215

AICPA Audit Committee Toolkit
“In some situations, it may be necessary for an organization to look beyond the independent audit team for expertise in the fraud area. In such cases, CPA forensic accounting consultants can provide additional assurance or advanced expertise, since they have special training and experience in fraud prevention , deterrence , investigation , and detection .
Forensic accounting consultants may also provide fresh insights into the organization’s operation, control systems, and risks. The work of forensic accounting consultants also may provide comfort for the organization’s CEO and CFO, who are required to file certifications under
Sarbanes-Oxley.”
216

Two Major Types of Fraud Investigations

Reactive: Some reason to suspect fraud, or occurs after a significant loss.

Proactive: First, preventive approach as a result of normal operations (e.g., review of internal controls or identify areas of fraud exposure). There is no reason to suspect fraud.
Second, to detect indicia of fraud.
Source: H.R. Davia, “ Fraud Specific Auditing,” Journal of
Forensic Accounting, Vol. 111, 2002, pp. 111-120
217

Proactive Is Beneficial

The threat of a future investigation reduces the occurrence of fraudulent behavior from
75% to only 43%.

The larger the pay-off, the more likely a person will commit fraudulent behavior.

Give the fox a key to the hen house and he/ she is going to eat hens.
Source: S. L. Tate et. al, “The Small Fraud Paradigm: An
Examination of Situational Factors That Influence the
Non-Reporting of Payment Errors,” J. of Forensic
Accounting , Vol.7, 2006, p. 406.
---------------------------
The greater the risk of detection, the less likely a person is to violate the law.
Jeremy Bentham
18 th Century Philosopher
218

Five Key Proactive Principles





Principle 1: As part of an organization’s governance structure, a fraud risk management program or anti-fraud program should be in place, including a written policy (or policies) to convey the expectations of the board of directors and senior management regarding managing fraud risk.
Principle 2: Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.
Principle 3: Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.
Principle 4: Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.
Principle 5: A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action should be used to help ensure potential fraud is addressed appropriately and timely.
Source: Managing the Business Risk of Fraud: A Practical Guide, IIA, AICPA,
ACFE; http://www.acfe.com/documents/managing-business-risk.pdf, 2008, p.
6.
219

Proactive vs. Reactive Approaches
Proactive approaches include

Effective internal controls,

Financial and operational audits,



Intelligence gathering,
Logging of exceptions, and
Reviewing variances.
Reactive detection techniques include

Investigating complaints and allegations,


Intuition, and
Suspicion.
Jack Bologna and Robert Lindquist, Fraud Auditing and Forensic Accounting,
2d Edition, New York: John Wiley, 1995, p. 137.
220

Proactive Is Best



When the IRS began requiring banks to issue Form 1099s reporting interest, the reported interest income increased by $8 billion (even though for 3 years the IRS did not have computer matching capacity).
When the IRS began to require taxpayers to list a social security number for dependents, the next year the number of reported dependents dropped by seven million. More than
11,000 of these taxpayers claimed seven or more dependents in 1986, but they claimed none in 1987.
When the IRS began to require taxpayers to list a name, address, and social security number for babysitters, two years later 2.6
million babysitters disappeared .
221

Fraud Deterrence Better Than Fraud
Investigation
4.
5.
1.
2.
3.
Fraud deterrence less expensive.
Deterrence is more comprehensive.
Fraud deterrence produces greater savings.
Deterrence is faster.
Fraud deterrence promotes better customer relations.
Daniel Finnegan, “Deterring Fraud,” Quality Planning
Corporation, 1991.
222

Is Company Proactive?














 Fraud hotline (reduce fraud losses by 50% re Wells 2002 Report).
Suggestion boxes.
Management review.
Make everyone take vacations.
People at top must set ethical tone.
Surprise audit.
Widely known code of conduct.
Check those employee references.
Reconcile all bank statements (bank statements sent to owner’s home).
Count the cash twice in the same day.
Unannounced inventory counts.
Fraud risk assessment (CFD).
Purchase crime insurance.
Do not use signature stamps.
Control company credit cards.
223

$7.4 Billion Losses at Societe Generale
•
•
•
•
•
•
•
•
Jerome Kerviel evaded all of the French bank’s controls to bet $73.5 billion on European markets – more than the bank’s market value. Six year employee; junior employee.
Kerviel reported to work early, stayed late, and took only 4 days off in 2007. In France six weeks of vacation is fashionable.
Starting in early 2005 , he made small unauthorized trades. The bank missed the illicit trades and the red flags.
Kerviel described growing increasingly daring after no one at the bank detected a series of small, unauthorized trades that he placed.
He entered fictitious and offsetting trades to minimize the odd of big losses.
He stole other people’s computer access codes, falsified documents, and employed other methods to cover his tracks.
He had an excellent understanding of the bank’s processing and control procedures so he could circumvent all of the controls.
His motive: quest for glory and a bonus.
224

Some Hints












Need to really understand the business unit. What they really do.
Have a mandatory vacation policy.
Rotation of assignments.
Have a written/signed ethics policy.
Do things differently each time you audit a unit.
Do not tell client what you are doing.
Hard to find fraud in the books.
Look/listen. Look for life style changes.
Do not rely on internal controls to deter fraud.
Auditors must have control of the confirmation process.
Careful of related parties.
Careful of “trusted” employees.
Pay employees to report fraud.
225




Shell Corporation – serves as a entity for business transactions without having any significant assets or operations. Also, front companies, mailbox companies. Controlled by another organization.
Dummy Corporation – entity created to serve as a cover or front for another corporation (e.g., Walt
Disney World used Compass East
Corporation).
Special Purpose Entity – Off-balance sheet arrangements used to isolate financial risk and provide lessexpensive financing (e.g., Enron). To carry out specific activity, purpose, or series of purposes (e.g., a trust).
226




Brother-Sister Corporations – One entity owns more than 50% of two or more corporations.
Parent-Subsidiary – One or more chain of corporations connected through stock ownership with a common parent corporation. Could be a holding company.
Façade Company – A legitimate company (e.g., car wash, dry cleaners, art or antique store) used to clean illegal money.
227




Nikko Cordial (Japan) fined for failure to consolidate a specialpurpose entity that was 100% owned by its subsidiary and for falsifying the timing of an exchange bond issue (2007).
Created Y14.5 billion in net profit.
Independent panel reviewed
507,000 e-mails.
228








Afinsa, a Spanish stamp company, controls 72% of Escala, a U.S. company
(formerly Greg Manning Auctions).
Escala says all sales to Afinsa takes place at independent established prices.
But Escala’s reported gross margin on stamp sales to Afinsa exceeds 44% [like land flipping].
Compared to less than 14% on those to other clients.
Therefore, Escala was manipulating the value of stamps sold to Afinsa to artificially boost its own bottom line.
Escala’s stock fell from $32 to $5 in five days after the May 8, 2006 arrests of seven executives. Police found $12.6 million behind one dealer’s freshly plastered walls in his home (e.g., unreported profits?).
Escala owns A-Mark Precious Metals, which buys and distributed more than one-half of the gold coins handed each year by the U.S. mint.
229

Fraud Deterrence Review

Analysis of selected records and operating statistics.

Identify operating and control weaknesses.

Proactively identify the control structure in place to help prevent fraud and operate efficiently.

Not an audit; does not express an opinion as to financial statements.

May not find all fraud especially where two or more people secretively agree to purposely deceive with false statements or by falsifying documents.
[Always get a comprehensive, signed engagement letter defining objectives.]
230

Fraud Detection Process
1.
2.
3.
4.
Discuss facts and objectives with client/attorney (e.g., conflict of interests).
Evaluation whether to accept the engagement.
Prepare a work program.
Develop time and fee schedule.
5.
Obtain approval of work program, staff assignments, and fee estimates.
6.
Obtain an engagement letter.
7/8. Identify fraud exposures and symptoms.
9/10. Evaluate evidence obtained and determine if more evidence is needed.
11/12. Search for and evaluate additional evidence.
13.
14.
15.
16.
17.
18.
19.
20.
21.
Discuss preliminary findings with client/attorney.
Draft a final report.
Review the report and work papers.
Resolve professional disputes.
Clear review points and open items.
Communicate report or findings.
Help attorney prepare court case/testify.
Perform follow-up procedure.
File work papers/report.
Source: Carmichael et. al, PPC Fraud Detection, Vol.1, Ch. 2 (2002).
231

Financial Audit v. Forensic Audit
“ During one investigation, we found in the auditing working papers written in the margin of the internal audit working papers by the internal audit manager: ‘Conceal from bankers,’ says Nicholas L.
Feakins, CPA, partner at San Mataeo, Calif based forensic accounting firm Feakins & Feakins. “ It sounds amazing, but the [third-party] auditors has put B-level staff on the project who simply didn’t read the documents and missed it.”
-----------------------------------------------------------------
MiniScribe, one of the world’s largest disk-drive makers, which in the late 1980s was surreptitiously shipping bricks instead of disk drives to the Far East and receiving credit from the bank for the amount of the shipments. “After all,” he says “it’s going to be 90 days until they ship the brick back to you. “MiniScribe’s public accounting firm, Coopers & Lybrand, didn’t catch the falserevenue scam during its regular audits-but a forensic accountant did.”
Jake Poinier, “ Fraud Finder,” Future Magazine , Fall 2004, http://www.phoenix.edu/students/future/oldissues/Winter2004/fra ud.htm
232

Materiality Unimportant
“ Auditing is governed by materiality. In investigative accounting, it is the opposite.
I am looking for one transaction that will be the key. The one transaction that is a little different, no matter how small the difference, and that will open the door.”
Lorraine Horton, owner of L. Horton & Associates in Kingston, R.I.
-----------------------------------------------------------------------------------------------------
“Fraud usually starts small. It begins with little amounts, because the perpetrator is going to test the system. If they get away with it, then they keep on increasing and increasing it.”
Robert J. DiPasquale
Source: H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
Accountant , February 2004, pp. 23-28.
233

Forensic Accounting v. Auditing
“Forensic accounting is very different from auditing in that there is no template to use.
There are no set rules. You don’t know when you go into a job how it is going to be.”
Lorraine Horton, Kingston, R.I
------------------------------------------------------------------------------
“Forensic accounting “is a very competitive field. What is interesting is that you may be a good accountant, but not a good forensic accountant. The training and the way you look at transactions are different.”
Robert J. DiPasquale, Parsippany, N.J.
----------------------------------------------------------
“Unlike auditing, lower-level staff often can’t be used for an engagement. They normally will not spot anything out of the ordinary, and an experienced person should be the one testifying as well as doing the investigative work.”
Lorraine Horton, Kingston, R.I.
Source; H.W. Wolosky, “Forensic Accounting to the Forefront,”
Practical Accountant , February 2004, pp. 23-28.
234






Brainstorming.
Increased emphasis on professional skepticism.
Discussions with management.
Unpredictable audit tests.
Responding to management override of controls.
“The only person that can steal from you is a person that you trust.”
235

SAS No. 99: SKEPTICISM



An attitude that includes a questioning mind and a critical assessment of audit evidence.
An auditor is instructed to conduct an audit “with a questioning mind that recognizes the possibility that a material misstatement due to fraud could be present, regardless of any past experience with the entity and regardless of the auditor’s belief about management’s honesty and integrity.”
“Things are not always as they appear, sonny boy.” James
Patterson, Honeymoon , Warner
Books, 2006.
236

Ronald Reagan said with respect to Russia,
“ Trust, but verify .”
FA’s motto should be “ Trust no one; question everything; verify
.”
As Charles Manson said, “
Total paranoid is total awareness
.”
-----------------------------------------------------
This ain’t my first rodeo
I didn’t make it all the way through school.
But my mama didn’t raise no fool.
I may not be the Einstein of our time.
But honey, I’m not dumb and I’m not blind.
Vern Gosdin
237

SAS No. 99: Questions for Management






Whether management has knowledge of any fraud that has been perpetrated or any alleged or suspected fraud.
Whether management is aware of allegations of fraud, for example, because of communications from employees, former employees, analysts, short sellers, or other investors.
Management’s understanding about the risks of fraud in the entity, including any specific fraud risks the entity has identified or account balances or classes of transactions for which a risk of fraud may be likely to exist.
Programs and controls the entity has established to mitigate specific fraud risks the entity has identified, or that otherwise help prevent, deter, and detect fraud, and how management monitors those programs and controls.
For an entity with multiple locations, (a) the nature and extent of monitoring of operating locations or business segments, and (b) whether there are particular operating locations or business segments for which a risk of fraud may be more likely to exist.
Whether and how management communicates to employees its views on business practices and ethical behavior.
238








Assume there may be wrong doing.
The person may not be truthful.
The document may be altered.
The document may be a forgery.
Officers may override internal controls.
Try to think like a crook.
Think outside the box.
239

SAS No. 99: Brainstorming
Aims to make the auditor’s consideration of fraud seamlessly blended into the audit process and continually updated until the audit’s completion.
Brainstorming is now a required procedure to generate ideas about how fraud might be committed and concealed in the entity.

No ideas or questions are dumb.

No one owns ideas.

There is no hierarchy.

Excessive note-taking is not allowed.
Source: Michael Ramos, “Auditors’ Responsibility for Fraud
Detection,” J. of Accountancy , January, 2003, pp. 28 – 36.
240

More Brainstorming

Best to write ideas down, rather than say them out loud.

Take plenty of breaks.

Best ideas come at the end of session.

Important to not define the problem too narrow or too broad.

Goal should be quantity, not quality.

Geniuses develop their most innovative ideas when they are generating the greatest number of ideas.

No such things as bad ideas.

Many companies are great at coming up with good ideas, but lousy at evaluating and implementing them.
Source: A.S. Wellner, “Strategies: A Perfect Brainstorm,” Inc.
Magazine , October 2003, pp. 31-35
241

Better Brainstorming Recommendations






Generating Ideas
Use group decision support systems.
Discuss cases of fraud or sources of material misstatements from prior audits.
Checklists should only be used by the team leader.
If checklists are used, fully discuss each item on the list.
Don’t limit discussions to items on the checklist.
Have the engagement partner or another expert on the audit lead the brainstorming session.




Evaluating Ideas
Separate the idea generation phase from the idea evaluation phase.
Include a partner in the evaluation of ideas.
Encourage members to discuss why they feel an identified risk is important.
Remind members of the purpose of the brainstorming session and the importance of professional skepticism.

Incorporating Ideas
Set aside time at the end of the brainstorming session to indicate how the audit plan should be modified as a result of the session.
Source: M. Landis, S.I. Jerris, and M. Braswell, “Better Brainstorming,” Journal of Accountancy , October 2008, p. 71.
242





Group domination: one or two participants dominating the process can quickly squelch the creative energies of the groups as a whole, reducing the likelihood the team will identify any actual fraud risks .
Social loafing: participants disengage from the process, expecting other team members to pick up the slack.
Groupthink: team members become so concerned with reaching consensus that they fail to realistically evaluate all ideas or suggestions.
Group shift: avoid allowing the team to take an extreme position on fraud risk.
Source: M.S. Beasley and J.G. Jenkins, “A Primer for Brainstorming
Fraud Risks,” Journal of Accountancy , December 2003, pp. 33-
34.
243




Open brainstorming: unstructured; few rules; free-for-all; someone should record ideas.
Round-robin brainstorming: start with no talking, silent period; assigned homework ahead; each individual presents own ideas; each member has a turn.
Electronic brainstorming: shortens meetings, increases ideas, and reduces personalizing ideas because an idea’s author remains anonymous.
Source: M.S. Beasley and J.G. Jenkins, “A Primer for
Brainstorming Fraud Risks,” Journal of Accountancy ,
December 2003, pp. 33-34.
244

How Management Overrides Controls
(SAS No. 99)



Recording fictitious journal entries (especially near end of quarter or year).
Intentionally biasing assumptions and judgments used to estimate accounts
(e.g., pension plan assumptions or bad debt allowances).
Altering records and terms related to important and unusual transactions.
245

Bias Assumptions





There are almost as many oil/gas reserve definitions as there are countries.
During the first week of January
2004, Royal Dutch/Shell Group slashed its estimates of oil reserves by 20% or about 3.9 billion barrels of oil .
Stock fell 9%.
Shell, Exxon/Mobil, and
Chevron/Texaco make the estimates themselves.
By the end of 2002, a total of 4.47 billion barrels cut; another 1.4 billion barrel cut in 2003.
Source: Susan Warren and P.A. Mckay, “Methods for Citing Oil
Reserves Prove Unrefined,” Wall Street Journal , January 14,
2004, p. C-4. Chip Cummins, “Shell Slashes Oil Reserves
Again, News Overshadows Profit Surge,” WSJ, February 4,
2005, p. A-3
246

Shell Board Kept In the Dark





One memo drafted on February 11,
2002, warned that about one billion barrels of oil-equivalent reserves appeared not to be in compliance with SEC guidelines.
Board learned of information only in early January 2004.
Chairman Sir Philip was ousted in early March 2004.
Most of the misstated reserves were recorded from 1997 to 2000, when
Sir Philip was in change of exploration and production.
Oil/gas reserves were increased (not by discovery) by changing its accounting.
Source: Stephen Labaton and Jeff Gerth, “At Shell, New Accounting and Rosier Oil Outlook,” New York Times , March 12, 2004, pp.
A-1 and C-4.
247

The SEC has recently adopted the proactive strategy of “wildcatting” where investigations into entire industries and business sectors are begun after evidence emerges from only one company in the group regarding financial reporting problems.
Over time, the PCAOB will probably be able to identify peculiarities within existing or evolving industries that require either standard setting or regulatory attention, or both.
Source: Berton, L., “U.S. Accounting Watchdogs Try to Shut Barn Door,”
Bloomberg.com
, April 2, 2004; J.H. Edwards, “Audit Committees: The Last
Best Hope,”
Journal of Forensic Accounting , Vol. IV (2004), pp. 1-20.
248

Walkthroughs
An auditor must perform a walkthrough of a company’s significant processes (each major class of transactions).
Can not be achieved secondhand.
According to PCAOB, in a walkthrough an auditor traces “company transactions and events – both those that are routine and recurring and those that are unusual – from origination, through the company’s accounting and information systems and financial report preparation processes, to their being reported in the company’s financial statements.
”
Auditors should perform their own walkthroughs which provides auditors with appropriate evidence to make an intelligent assessment of internal controls.
Source: PCAOB Briefing Paper, Proposed Auditing Standards, October 7, 2003.
249

Slot Machine Example
250

251

Wandering Around
• Informal observations while in the business.
• Especially valuable when assessing the internal controls.
• Observe employees while entering and leaving work and while on lunch break.
• Observe posted material, instructions, job postings.
• Observe information security and confidentiality.
• Observe the compliance with procedures.
• Appearance is not necessarily reality.
Man of La Mancha
252

New Terms in Financial Reports:
Deficiencies Have No Bright Lines
Control deficiency – one that might allow a bad number to get into the financial reports (e.g., the likelihood that a company misstates reports is remote– 1 out of 20).
Example: company does not check changes made by a salesman in a minor contract.
Significant deficiency – more serious flaw or a number of flaws that increase the chances that wrong numbers will significantly distort financial statements
(e.g., more than remote).
Example: company not checking for changes to terms of several key contracts.
Need only to report to BOD, but some companies are making them public.
253

Deficiencies Have No Bright Lines
Material weakness – deficiencies are so bad that there is more than a remote change of a material misstatement in financial statements.
Example: a bank does not regularly check for errors in estimating loan-loss expenses (i.e., Fannie Mae reported a
$1.3 billion error from its computer model, many in an uncontrolled environment).
They must be reported to the public.
David Henry, “How Clean Are the Books?” Business Week, March 7,
2005, pp. 108-109.
-----------------------------------------------------
Firms that reported material weaknesses in tax accounting lost an average of 5.8% of their stock value 60 days after the announcement.
-----------------------------------------------------
As of 11-14-05, 695 companies have disclosed material weaknesses in their annual report.
254

Indicators of Material Weaknesses
A material weakness is a deficiency, or a combination of deficiencies, in internal controls over financial reporting, such that there is a reasonable possibility that a material misstatement of the company’s annual or interim financial statements will not be prevented or detected on a timely basis.
Indicators of material weaknesses in internal controls over financial reporting include




Identification of fraud (whether or not material) on the part of senior management (e.g., principal executive and financial officers signing the company’s certifications).
Restatement of previously issued financial statements to reflect the correction of a material restatement.
Identification by the auditor of a material misstatement of financial statements in the current period in circumstances that indicate that the misstatement would not have been detected by the company’s internal control over financial reporting; and
Ineffective oversight of the company’s external financial reporting and internal control over financial reporting by the company’s audit committee.
Source:
IIA, AICPA, ACFE, Managing the Business Risk of Fraud:
Practical Guide, 2008. Locate on the Internet site of the three groups
(e.g., http://www.acfe.com/documents/managing-business-risk.pdf
).
255

Material Weakness Areas
AREAS OF FAILURE
Tax accruals/ deferrals
Revenue recognition
Inventory/ vendor cost of sales
Fixed/ Intangible assets
Leases or contingencies
Cash flow (FAS 95 error)
Consolidation (Fin 46 issues)
2005
34.5%
28.4
23.7
16.0
9.3
8.8
6.7
2004
32.0%
31.3
27.4
18.6
16.8
--
9.0
*10% of corporate filers in 2005 and 16% in 2004.
In 2007, 400 companies reported them.
In 2008, only 14 material weaknesses at 11 companies.
Source: AuditAnalytics.com
256

Think Like A Crook




Know your enemy as you know yourself, and you can fight a hundred battles with no danger of defeat.” Chinese Proverb.
Military leaders study past battles.
Football and basketball teams study game films of their opponents.
Chess players try to anticipate the moves of their opponent.
Examples: If contracts above $40,000 are normally audited each year, check the contracts between $30,000-$40,000.

FAs must learn the tricks of the trade as well as the trade.
257

Think Outside the Box
American astronauts returning from space complained that they could not write with their pens in zero gravity. NASA set aside $1 million to develop a sophisticated pen that would function in space.
The Russians encountered the same problem. What did they do?
258

Investigative Techniques
“Facts weren’t the most important part of an investigation, the glue was. He said the glue was made of instinct, imagination, sometimes guesswork and most times just plain luck.” (p. 163).
--------------------------------------------------
“In his job, he [Bosch] learned a lot about people from their rooms, the way they lived. Often the people could no longer tell him themselves. So he learned from his observations and believed that he was good at it.” (p. 31).
--------------------------------------------------
Michael Connelly, The Black Ice , St. Martin’s
Paperbacks, 1993.
259

Three Major Phases of Fraud
1.
2.
The Act itself.
The concealment of the fraud (in financial statements).
3.
Conversion of stolen assets to personal use
(interest free loans to Tyco executives forgiven).
One can study any one of these phases.



Examples:
Things being stolen: conduct surveillance and catch fraudster.
If liabilities being hidden, look at financial statements for concealment.
If fraudster has unexpected change in financial status, look for source of wealth.
Source: Cindy Durtschi, “The Tallahassee Bean
Counters: A Problem-Based Learning Case in
Forensic Audit,” Issues in Accounting Education , Vol.
18, No. 2, May 2003, pp. 137-173.
260

Fraud Hypothesis Testing Approach
Here a forensic accountant attempts to proactively detect fraud that is still undiscovered by formulating and testing null hypotheses. This proactive technique requires an forensic investigator to
1. Identify the frauds that may exist in a particular situation.
2.Formulate null hypotheses stating that the frauds do not exist.
3.Identify the red flags that each of the frauds would create.
4.Design customized queries to search for the specific red flags or combination of red flags.
In a refinery, three authors report that after a formalized pro-active search for red flags , some unknown frauds were discovered. But applying generic data mining programs to the company’s database to detect fraud resulted in a number of Type II errors. So in order to be useful the red flags had to be fraud and company specific.
C.C. Albercht, W.S. Albercht, and J.G. Dunn, “Conducting a Pro-Active
Fraud Audit: A Case Study,”
Journal of Forensic Accounting , Vol. 11,
2000, pp. 203-218
261

Class Action Securities Fraud Actions
Year
2009
2008
2007
2006
2005
2004
2003
2002
182
237
226
266
169
210
176
118
Year
2001
2000
1999
1998
1997
1996
1995
498
216
209
242
173
111
188
Although the number of shareholder class action lawsuits have gone down, settlements are now much bigger (average
$65 million). Unions and retirement funds are playing an increasing role, resulting in much higher settlements.
Stanford Law School Securities Class Action Clearing House, securities.stanford.edu/index.html; Jan. 5, 2010.
262

Auditors Must be Alert for:






Concealment
Collusion
Evidence
Confirmations
Forgery
Analytical relationships
Source: Gary Zeune, “The Pros and Cons.”
-----------------------------------------------
“Things are not what you think they are.” Al Pacino, “The Recruit.”
263

An Average of Seven People Involved

Authors Robert Tillman and
Michael Indergaard found that of the 834 companies that issued restatements between January 1,
1997 and June 30, 2002, 374 or
45% were accused of securities fraud.

An average of 7 persons were normally involved – CEOs, CFOs,
COOs, general counsel, directors, and internal and external auditors.
264

Anti-Fraud Measures –
Months to Detect – Median Loss
3.
4.
1.
2.
5.
Hotlines
Internal audits
External audits
Surprise audits
Fraud awareness/
Ethics Training
YES
$100,000
(15)
$120,000
(18)
$181,000
(23)
$100,000
(15)
$100,000
(15)
NO
$200,000
(24)
$218,000
(24)
$125,000
(18)
$200,000
(24)
$200,000
(24)
Source: 2006 Wells Report, ACFE.
265

Roadmap For An Embezzler: 14 Ways
1.
2.
3.
4.
Sam diverted payroll taxes meant for the IRS to himself through a dummy account. He switched the IRS correspondence address to his home, hiding the default letters. He carried on an extensive letter-writing campaign with the IRS to confuse and delay action. He made back payments, disguising them to us as current payments.
He set up dummy bank accounts to skim funds before they made their way into legitimate accounts.
Sam got one employee fired for doing “sloppy management,” which “lost” some deposits. Of course, Sam gave me the “proof” that this employee was incompetent.
He refocused attention by pointing fingers at
“slow payers” on our accounts receivable. He claimed that some people had never paid (they had) and that he had sent them to collections (he hadn’t). Of course, his records showed that their payments had never made it into our account
(they went into a dummy account.)
Source: Bev Harris, “How to Embezzle a Fortune,” www.talion.com/embezzle.htm
.
266

Roadmap For An Embezzler: 14 Ways (contd …)
5.
6.
7.
8.
9.
10.
He stole postage and then “reported” it, to alert me that he was honest; if anything was amiss, I would then blame others (and he offered his opinions on the least trustworthy employees).
He diverted bank statements to his home and altered them before filing them at the office.
Sam volunteered to run daily deposits to the bank, skimming off the cash and changing the deposit tickets.
He made reimbursements to himself and his wife for “business expenses” that didn’t exist.
Sam set up his landlord, once or twice a year, as an accounts payable.
A fax machine was stolen from the office. Also a
TV and VCR. He was supposedly the first to arrive; he hastened to point out the broken window. He personally handled the police report. (I doubt that anyone broke in; the window was high up and fairly small.)
Source: Bev Harris, “How to Embezzle a Fortune,” www.talion.com/embezzle.htm
.
267

Roadmap For An Embezzler: 14 Ways (contd …)
11.
12.
He put his wife on the payroll (a sweet woman who divorced him when she found what he really was). He “miscalculated” withholding to overpay her, and adjusted her W-2s downward to match. She was hourly, so he also padded her hours by $20 to $50 per pay period, and altered the time log sheets. We figured that over the course of four years, he overpaid her by at least $3,000. Of course, he was in charge of their family finances, and he deposited all her checks.
Sam double-reimbursed himself for legitimate expenses.
Here’s how:
He would list perhaps four expenditures on one voucher, three on another. So the first would say “Office Depot, $21.64; Kinkos,
$18.92; Office Depot, $39.12; Office Depot,
$16.10.” A month or two later, one would show up like this: “Kinkos, $11.30; Office
Depot, $39.12; Shay Office equipment,
$26.20.”
Source: Bev Harris, “How to Embezzle a Fortune,” www.talion.com/embezzle.htm
.
268

Roadmap For An Embezzler: 14 Ways (contd …)
13.
14.
Yes, receipts were stapled to the voucher, and all the vouchers/receipts added up. Here’s how he handled that: for some vendors he copied receipts by running them through an old fax machine that used thermal paper. He made two copies for double submissions.
Many cash registers use thermal paper, so the receipts looked real. This technique survived an outside audit .
Increasingly arrogant, he began making
“phone-authorized” wire transfers out of company accounts into his personal checking account.
Sam did an amazing job of doctoring the financial statements. (If this man spent half the effort on legitimate pursuits that he did on embezzling, he’d be a millionaire instead of an ex-con).
Source: Bev Harris, “How to Embezzle a Fortune,” www.talion.com/embezzle.htm
.
269

Code of Ethics Required by Sarbanes-Oxley
Section 406: Public issuer has to adopt a code of ethics for senior financial officers to deter wrong – doing and to promote
1.
Honest and ethical conduct.
2.
Full, fair, accurate, timely and understandable disclosure in SEC filings.
3.
4.
5.
Compliance with government laws, rules, and regulations.
Prompt internal reporting code violations;
Accountability for adherence to the code.
270










Check employee references/resume.
Stop giving the employee/client the answer when you ask a question.
Zero tolerance for allowing employee/executive to get away with anything.
Always reconcile the bank statements.
Try to think like a criminal.
Get inside the criminal’s mind. Be a detective.
Do not assume you have honest employees.
Bond employees.
Uni-ball gel pens.
Source: Gary Zeune
271

Auditing Hints
• SAS No. 99 does not require auditors to make inquiries of “others,” as opposed to management. Auditors must talk to and interview others below management level. If asked, employees may be willing to report suspicious activities.
• Use independent sources for evaluating management (e.g., financial analysts). Surf the internet .
• Auditors need to follow the performance history of managers and directors.
• If a company has an anonymous reporting system, obtain information about the incidents reported and consider them when assessing fraud risk.
• Be sure to perform analytical procedures, and the work should be reviewed by senior members of the audit team.
272

Auditing Hints (cont.)
• Auditors should select sample items below their normal testing scope (e.g., HealthSouth).
• Fraud procedures should be more than checklists . Audits should focus on finding and detecting fraud.
• Ask for and review all “top drawer” entries.
• Ask for and review all side agreements.
• Look for hockey stick pattern.
“Don’t think that there are no crocodiles because the water is calm.”
Malaysian Proverb
273

Fraud 101: Fraudsters can change their job and address, but they can not change who they are.
274





Pre-employment drug testing.
Post-employment drug testing more sensitive.
Pre-employment polygraph tests prohibited by 1988 Act (Federal,
State, Local Governments and
Federal Contractors exempted from the Act).
Written integrity tests.
275




Many of the companies indicted by the SEC after Enron had one thing in common: CEOs were making about 75% above their peers.
The common thread among the companies with the worst corporate governance is richly compensated top executives, as per the
Corporate Library, Portland, Maine governance-research firm. Hefty pay checks and perks to current or former chief executives.
Poor BODs have in common: an inability to say no to current or former chief executives.
Source: Monica Langley, “Big Companies Get Low
Marks for Lavish Executive Pay,” Wall Street J.,
June 9, 2003, p. C-1.
276

Compensation Facts
•
CEOs compensation components have increased dramatically in the 1990 [mean of $1.68 million in 1992 to
43.2 million in 2000] even after the passage of IRC Section
162 (m) in 1993 [$1 million limit].
Balsam, S. 2002. An Introduction to Executive Compensation . San Diego, CA:
The Academic Press.
• Compensation increases when the CEO has influence over the outside directors, as measured by the percentage of outside directors appointed by the CEO.
Core, J.E, Holthausen, R and Larcker, D. 1999. Corporate governance, chief executive officer compensation, and firm performance, Journal of Financial
Economic 51: 371-406
• CEO compensation is higher when the CEO’s tenure is greater than the chair of the compensation committee.
Main, B., O’Reilly, C, and Wade, J. 1995. The CEO, the board of directors and executive compensation: economic and psychological perspectives, Industrial and Corporate Change 4: 293-332.
• The relation between the change in CEO cash compensation and stock returns weaken with tenure.
Hill, C. and Phan, P. 1991. CEO tenure as a determinant of CEO pay. Academy of Management Journal 34: 707-711
• The greater the percentage of outside board members appointed after the CEO, the more likely the CEO will have a golden parachute.
Wade, J., O’Reilly, C, and Chandratat, I. 1990 Golden parachutes: CEOs and the exercise of social influence. Administrative Science Quarterly 35:587-603
277

It’s not just stars (e.g., Bess
Myerson, Hedy Lamarr, and may be Winona Ryder). Why, each year, ordinary people shoplift $13 billion of lipstick, batteries, and bikinis from stores (last year $26 to $33 billion). May account for one-third of total inventory shrinkage.
800,000 times a day the thrills and temptations win over fear – a product of the late 19 th century with the larger stores.
Source: Jerry Adler, “The Thrill of Theft,” Newsweek,
February, 2002.
278

The independence of the auditor will probably be impaired and reduce the quality of financial statement audits, if any of the following conditions occur during financial statement audits:
2)
3)
1)
4)
5) auditor’s excessive personal loyalty to the audit client, auditor’s fear of losing client to a competitive CPA, auditor’s fear of a lawsuit if CPA withdraws from audit engagement, auditor’s fear of harming client with audit opinion other than unqualified, and auditor’s conflict between consulting and auditing services offered.
G. D. Moyes and A. Anandarajan, “CPAs’ Perceptions of Factors Influencing the
Quality of Financial Statement Audits: Substandard Performance and Impaired
Independence,” J. of Forensic Accounting , Vol. 7, 2006, p. 133.
279

Earnings management may be defined as the “purposeful intervention in the external financial reporting process, with the intent of obtaining some private gain.”
– Katharine Schipper, “Commentary on Earnings
Management,” Accounting Horizon , December 1989, p. 92.
Earnings management occurs when managers use judgments in financial reporting and in structuring transactions to alter financial reports to either mislead some stakeholders about the underlying economic performance of the company, or to influence contractual outcomes that depend on reported accounting numbers.
P. Healy and J. Wahlen
280

Earnings Management
The difference between earnings management and financial statement fraud is the thickness of a prison wall.
D. Larry Crumbley
The difference between earnings management and financial statement fraud is like the difference between lightning and a lightning bug.
D. Larry Crumbley
281

Capital Market Incentives to Manage
Earnings
1.
2.
3.
4.
5.
6.
7.
8.
9.
Management buyout firms, on average, manage their earnings downward prior to the buyout.
Roughly 12 percent of firms making seasoned or initial equity offerings manage their earnings upward by about 5% of total assets prior to the offers.
Firms who are in danger of failing to meet management earnings forecasts, on average, manage their earnings upward prior to releasing the annual earnings figure.
Firms, on average, manage their earnings to meet or beat expectations of financial analysts.
Firms that meet or beat analysts’ expectations earn about
8% incremental annual market-adjusted returns relative to firms that fail to do so.
Firms with zero or a positive earnings surprise earn incremental quarterly returns of 2.3%, and firms with positive earnings surprise earn further incremental quarterly returns of 3.4%.
About 40% of firms confronted with reporting slight losses tend to manage their earnings in order to report positive earnings.
About 12% of firms confronted with reporting slight earnings decreases tend to manage their earnings in order to report small earnings increases.
Investors do not see through most earnings management as evidenced by the fact that firms flagged for earnings management by regulators show an average stock price decline of 9%.
Source: Masser Spears, “The Impact of Earnings Mgt. on the Credibility of
Corporate Financial Reporting,” Petroleum Acctg. and Financial
Mgt.
, Summer 2007, pp. 47-48.
282

Contracting Incentives to Manage
Earnings
1.
There is no evidence of earnings management behavior by firms close to their dividend covenant. Instead, these firms tend to manage their cash flows.
2.
There is inconclusive (mixed) evidence of earnings management behavior by firms to other debt covenants, such as interest coverage or leverage ratios.
3.
Some managers manipulate earnings to increase bonus awards. There is no evidence on the pervasiveness or the stock market impact of this form of earnings management.
Source: Masser Spears, “The Impact of Earnings Mgt. on the
Credibility of Corporate Financial Reporting,” Petroleum
Acctg. and Financial Mgt.
, Summer 2007, pp. 47-48.
283

Regulatory Incentives to Manage
Earnings
1.
There is strong evidence that suggests that firms manage earnings (a) to avoid regulatory constraints, (b) to take advantage of governmental benefits, and (c) to avoid regulatory exposure.
2.
There is no direct evidence about how and whether regulators impound those forms of earnings management behavior.
Source: Masser Spears, “The Impact of Earnings Mgt. on the
Credibility of Corporate Financial Reporting,” Petroleum
Acctg. and Financial Mgt.
, Summer 2007, pp. 47-48.
284

Management or Manipulation?






More than one-half of CFOs say they can legally influence reported earning by 3% or more.
Operational levers: delaying operational spending, accelerating order processing, and driving sales force more.
Accounting steps: changing the timing of an accounting change and adjusting estimates.
One-third of CFOs would try to influence results: 24% upward or 8% would try to cut them.
Few CFOs think their auditors would catch them.
If the auditors caught it, they probably would not bring it up to management.
Don Durfee, “Management or Manipulation?” CFO , December, 2006, p.
28.
285

Financial Statement Fraud Schemes
Category
Concealed Liabilities
Fictitious Revenues
Improper Asset Valuations
Improper Disclosures
Timing Differences
%
45.0%
43.3%
40.0%
37.5%
28.3%
Source: 2006 Wells Report, ACFE.
286

Good Earnings Management

Careful timing of capital gains and losses;

Use of conferencing technology to reduce travel costs; and

Postponement of repair and maintenance activities when faces with unexpected cash flow declines.
L. G. Weld et. al, “Anatomy of a Financial Fraud,” The
CPA Journal, October 2004.
287

Abusive Earnings Management

Improper revenue recognition (e.g., bill and hold sales).

Improper expense recognition.

Using reserves to inflate earnings in years with falling revenues (cookie jar accounting).

Shifting debt to SPE.

Channel stuffing.

Capitalizing marketing costs rather than expensing.

Extending useful lives and inflating salvage values.

Cookie jar reserves.

Accelerating revenue from leasing equipment.

SPEs not consolidated.
288

Early Warning Signs of
Earnings Management

Cash flows that are not correlated with earnings;

Receivables that are not correlated with revenues;

Allowances for uncollectible accounts that are not correlated with receivables;

Reserves that are not correlated with balance sheet items;

Acquisitions with no apparent business purpose; and

Earnings that consistently and precisely meet analysts’ expectations.
Magrath and Weld, “Abusive Earnings Management and
Early Warning Signs,” The CPA Journal, August 2002.
289

Some Red Flags of Earnings Management
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
CEO is also Chairperson of BOD (e.g.,
Parmalat).
Insiders have majority control of BOD.
Weak system of internal controls.
Performance emphasis on short-term goals.
Weak or non-existent Code of Ethics (e.g.,
Parmalat).
Questionable business strategies with opaque disclosures (e.g., special purpose entities).
CEO is uncomfortable with criticism (Enron’s
Jeff Skilling).
CEO or other senior management turnover
(Qwest’s CFO).
Insiders selling stock (Enron’s Ken Lay).
Independence problem from large non-audit fees paid to external auditors (e.g.,
HealthSouth).
Company’s investment banker has independence problems (e.g., Parmalat,
Enron).
290

Companies that consist solely of independent directors and meet at least four times a year are likely to have lower non-audit service fees.
L.J. Abbott et.al, “An Empirical Investigation of Audit Fees, Non-
Audit Fees, and Audit Committees,” Contemporary Accounting
Research, Summer, 2003, p. 230.
An auditor who is also an industry specialist further enhances the credibility of accounting information (e.g., less earnings management).
G.V. Krishnan, “Does Big 6 Auditor Industry Expertise Constrain
Earnings Management?” Accounting Horizons , Vol. 17,
Supplement 2003, p. 15.
291

Lower perceptions of earnings quality lead investors to more thoroughly examine a firm’s audited financial statements. A more thorough analysis of a firm’s financial statements lead investors to lower their assessment of the firm’s earnings quality.
F.D. Dodge, “Investors perceptions of Earnings Quality, Auditor
Independence, and the Usefulness of Audited Financial
Information,” p. 46.
Found no evidence that short sellers trade on the basis of information contained in accruals.
Scott Richardson, “Earnings Quality and Short Sellers,” p. 49.
292

 Small companies tend to more frequently manage earnings to avoid losses than large companies.

Auditors type appears insignificant.
 fgdfg
Brain Lee and Ben Choi, “Company Size, Auditor
Type, and Earnings Management.” Journal of
Forensic Accounting, Vol. 3 (2002), pp. 27-50.

In 2003, HealthSouth paid more money in taxes to the Federal Government than it legitimately earned the previous year.
Aaron Beam, 2009
HealthSouth: A Wagon to Disaster
293

Do Not Be a Rubber Stamp
In November 2008, Bernard Madoff told his investors that they had $65 billion, but investigators found only about $1 billion. Prosecutors said that
Madoff’s accountant, David Friehling, operating from a
13 by 18 feet office, rubber-stamped Madoff’s books for
17 years.
The government said Friehling did not meaningfully audit Madoff’s books or confirm that securities supposedly held by Madoff on behalf of his customers even existed. The SEC said Friehling pretended to conduct minimal audit procedures of certain accounts to make it appear that he was conducting an audit, but he failed to document his purported findings. He failed to examine a bank account through which billions of dollars flowed. The FBI said he did little or no testing or verification.
The SEC said the 49 year old accountant lied to the AICPA for years, denying that he conducted any auditing. He was afraid that his audit work would be peer reviewed. Do not be a David Friehling.
Source: Larry Neumeister, “Prosecutors Charge Madoff’s Accountant with Fraud,”
Yahoo! Finance, March 18, 2009.
http://biz.yahoo.com/ap/090318/na_us_madoff_scandal.html?.v=4
294

Types of Financial Statement Fraud Schemes
Three professors have broken financial statement fraud schemes into these ten types:
1.
2.
3.
Fictitious and/or overstated revenues and assets (e.g., non-ordered or cancelled goods).
Sunbeam created revenues by contingent sales, a bill-and-hold strategy, and accelerated sales. Digital Lightware, Inc. recognized fraudulent billings. Cendant
Corporation created fictitious revenues, and
Knowledge Ware inflated revenues with phony software sales. Xerox, Bristol-Mayers,
Merck.
Premature Revenue Recognition (e.g., holding books open). 35-day month.
Misclassified Revenues and Assets (e.g., combining restricted cash accounts with unrestricted cash accounts). School districts and universities may engage in this strategy with dedicated funds.
Source: S.E. Bonner, Z. Palmrose, and S.M. Young, “Fraud Types and Auditor
Litigation,” The Accounting Review , October 1998, pp. 503-532.
295

Types of Financial Statement Fraud Schemes (contd …)
4.
5.
6.
7.
8.
9.
10.
Fictitious Assets and/or Reductions of
Expenses/Liabilities (e.g., recording consigned inventory as inventory).
WorldCom.
Overvalued Assets or Undervalued
Expenses/Liabilities (e.g., insufficient allowance for bad debts). Enron.
Omitted or Undervalued Liabilities (e.g., understated pension expenses). Hiding losses (Allied National Bank).
Omitted or Improper Disclosures (e.g., stock option expense estimates).
Equity fraud (e.g., recording nonrecurring and unusual income or expense in equity).
Related-Party Transactions (e.g., fictitious sales to related parties). Enron had many related-party transactions. REFCO, Adelphia.
Financial Fraud Going the Wrong Way (e.g., for tax purposes reducing income or increasing expenses).
296

Wrong Way Earnings Management


Freddie Mac understated past earnings as much as $5 billion.
Certain transactions and accounting policies were “implemented with a view to their effect on earnings”
(e.g., to smooth earnings).
 Restatements will result in higher earnings in prior periods but lower earnings in future periods.
 Employees appeared to knowingly violate accounting rules in an effort to manipulate earnings.
Source: Patrick Barta and J.D. McKinnon, “Freddie Mac Profits May Have Been
Low By Up to $4.5 Billion,”
Wall Street J., June 26, 2003, pp. C-1 and
C-11. Bethany McLean, “The Fall of Fannie Mae,” Fortune , January 24,
2005, pp. 123-140.
297

Fannie Mae’s Problem
• Fannie Mae was ordered by the SEC [2004] to a restatement of earnings of $ 9 billion
(reducing earnings since 2001). Misuse of hedge-accounting transactions and improper accounting for loans.
• CFO J. Timothy Howard resigned with an annual pension of $400,000 and lifetime access to Fannie Mae’s Medical benefits. Plus
$ 4 million of stock options.
•CEO Franklin Raines was paid more than
$60 million over a 6 year period. On Dec. 21,
2004, Raines took early retirement. $ 1 million annually for life.
•The Board replaced KPMG as Fannie’s auditor.
Source: Bethany McLean, “The Fall of Fannie Mae,”
Fortune , January
24, 2005, pp. 123-140.
Mike McNamee, “Franklin Raines Lost
Gamble,” Business Online , December 22, 2004.
298

Lessons From Enron

Enron’s management figured an ingenious method of overriding the double-entry of accounting. They simply ignored it.

It remains the simplest, most elegant financial fraud. Enron created specialpurpose entities (SPEs) and pledged
Enron stock – just pieces of paper.

If the SPE was successful, they recognized income.

When the SPE had huge losses they issued more paper. Debts were filed offbalance sheet in the partnerships.
Source: Joe Anastasi, The New Forensics , John Wiley & Sons, 2003, p. 92-93.
299

Cooking the Books-Symbol Technologies

From 1998 through February 2003, Symbol used a socalled “Tango sheet” process through which fraudulent
“topside” accounting entries were made to reserves and other items to conform the unadjusted quarterly results to management’s projections;

Fabrication and misuse of restructuring merger and other non-recurring charges to artificially reduce operating expenses, create “cookie jar” reserves
(overstating inventory write-offs) and further manage earnings;

Channel stuffing and other revenue recognition schemes, involving both product sales and customer services; stuffed the channel by granting resellers return rights and contingent payment terms in side agreements.

Manipulation of inventory levels and accounts receivable data to conceal the adverse side effects of the revenue recognition schemes.
300

Cooking the Books-Symbol Technologies

Warehouse arrangement with a large foreign distributor that served as a vehicle for improperly recognizing several millions of dollars.

Directed employees to refrain from scanning new components or returned goods into the automated accounting system.

Backdated (cherry picked) stock option exercise dates.

When “days sales outstanding’ because too large because of fraudulent revenue recognition, reclassified past due trade accounts receivable into notes receivables. A growing DSO figure is often a sign that receivables are impaired due to channel stuffing, etc.

Deferred $3.5 million of FICA insurance costs to a later year.

Recognized revenue that was processed in one quarter, but shipped the next quarter.
301

Catch Me If You Can
Punishment for fraud and recovery of stolen funds are so rare, prevention is the only viable course of action.
Frank W. Abagnale
30 years ago Abagnale cashed $2.5 million in fraudulent checks in every state and 26 foreign countries. Was later associated with the FBI for 25 years.
302

Over-all Fraud Plan








Background checks
Avoid Nepotism
Signed Conditions of Employment Agreement
Non-compete Agreement
Confidentiality of Information Agreement

Bonding

Two-signatures on checks/ wire transfers/ lines of credit


Lockbox
Positive pay

Check security and restrictive endorsements

Check stock (can not be scanned and it smears easily)


Close out cash registers at unpredictable times
Back up computer files
Accounting personnel can not cancel debt
Have an internal audit
CEO signs numbered check request form
E.J. McMillan, Policies and Procedures to Prevent Fraud &
Embezzlement, 2006, John Wiley.
303

Help for Banks
In 2010, there will be nearly 20 billion checks processed annually, so checks are one of the most frequent fraud schemes. Over 500 million checks are forged each year in the U.S. out of the more than 32 billion written each year. Likewise, at least 15 percent of all bank check-related losses is from counterfeit checks.
30 Thus, it is not practical or cost-effective to visually compare signatures on these huge numbers of checks.
There is, however, state-of-the-art automated signature verification technology available to financial institutions to detect and prevent fraud. This technology combines a human-like holistic analysis of a signature and its segmentation with a subsequent analysis of the signature’s elements using geometrical analysis (an analytical method based on signature segmentation and finding correlations between the fragments of reference and suspect signatures), dozens of neural networks, and many other innovative techniques. There is also automatic stock verification software to provide scrupulous verification of all preprinted elements on business and personal bank checks.
304

Help for Banks (cont.)

Fraudsters also may alter check contents by lifting bank officers approval stamps from one check and including it on another check of higher value or altering the MICR line with bogus information.

Other alterations are easy. In many situations check writers leave spaces and gaps when populating the various fields; also, dollar amounts, payees and dates can be simply altered using a pen.
Parascript, LLC
(888.772.7478) offers recognition engines to detect this fraud.
Source: Parascript Payments Fraud, Image
Exchange Challenges and Solutions, September
2007.
305


A positive pay system can detect forged checks having duplicate serial numbers, voided checks presented for payment, stale checks, checks with altered or invalid amounts, and checks with altered payee lines.

This anti-fraud tool eliminates the need to review each check which helps businesses gain control of the exception process and reduces write-offs.

Positive pay can even be integrated into a bank’s branch system to detect fraud at the teller window or platform.
306




Embezzlement
Cash and check schemes






Larceny of cash
Skimming
Swapping checks for cash
Check tampering
Kiting
Credit card refund and cancellation schemes
Accounts receivable fraud



Lapping
Fictitious receivables
Borrowing against accounts receivable


Inventory fraud


Stealing inventory
Short shipments with full prices
Fictitious disbursements





Doctored sales figures
Sham payments
Price manipulations: land flipping, pump and dump, and cybersmearing
Money laundering
Bid rigging
307

Asset Misappropriation Sub-
Categories
Source: 2010 Wells Report, ACFE.
308

Cash Wheel
Accounts Receivable
Accounts Payable
Adjusting Entries
Depreciation
Accruals
Cash
Source: Fraud Auditing Small Businesses With The Wheel , James A. Goldstine
309

Some Employee Schemes

Embezzlement/skimming involves converting business receipts to one’s personal use and benefit, by such techniques as cash register thefts, understated/unrecorded sales, theft of incoming checks etc.
310

Some Skimming Schemes (off-book)



Unrecorded sales.
Theft of incoming checks.
Swapping checks for cash.
Auditing Suggestions

Compare receipts with deposits.



Surprise cash count.
Investigate customers complaints.
Gross profit analysis (also for money laundering).


Check for reversing transactions, altered cash counts, and register tapes that are
“lost.”
Camera surveillance.
311

Preventive Measures






Segregation of duties, mandatory vacations, and rotation of duties help prevent cash larceny.
Review and analyze each journal entry to the cash account.
Two windows at drive-through restaurants.
Signs: Free meal if no receipt.
Blank checks and the automatic check signing machine should be kept in a safe place from employees.
Pre-numbered checks should be logged and restricted to one responsible employee. Require two signatures on cashier checks.
312

Unclaimed Tax Refunds
Love for an ex-boyfriend caused a Colorado
Department Revenue Supervisor to steal
$11 million in unclaimed tax refunds from
Colorado state. Michelle was in love with the married Hysear Randell.
Michelle Cawthra testified that she deposited unclaimed tax refunds and other money into Hysear Randell’s bank account over two years.
She forged documents and created fake businesses. Michelle used computer passwords of other workers so she would not be detected.
Source: http://www.baltimoresun.com/news/snsap-us-odd-tax-refund-scam,0,...
313

Processing Checks Best Procedure
Step 1. The invoice is approved for payment.
Step 2.
A check request form is completed.
Step 3.
The CEO approves the check request.
Step 4.
The check request is forwarded to accounting.
Step 5.
Accounting processes the check.
Step 6.
The CEO signs the check.
Step 7.
A second designated employee (who does not approve the payment and is not in the accounting department) should cosign the check. Therefore, 4 people involved.
E.J. McMillan, Policies & Procedures to Prevent Fraud & Embezzlement,
John Wiley, 2006, p.44.
314

Processing Checks Best Procedure









Invoice is approved for payment.
Check request form is prepared.
The CEO approves/ signs the numbered check request form.
Check request form is forwarded to accounting.
Accounting processes the check.
The check is signed by two authorized individuals.
The check is mailed.
The bank statements are sent to the CEO’s home (or P.O. box) for review.
The CEO forwards the reviewed bank statements to accounting for reconciliation.
E.J. McMillan, Policies & Procedures to Prevent Fraud &
Embezzlement, John Wiley, 2006, p.45.
315

Some Employee Schemes (contd .)
Kiting: building up balances in bank accounts based upon floating checks drawn against similar accounts in other banks. Wire transferring makes kiting easier.
Auditing Suggestions

Look for frequent deposits and checks in the same amount.

Large deposits on Fridays.

Short time lag between deposits/withdrawals.

Bank reconciliation audit [cut-off bank statement].
316

Some Employee Schemes (contd …)
Cut-off Bank Statement

Shorter period of time (10-20 days).

Bank statement sent directly to fraud auditors.

Compare the cancelled checks, etc. with the cut-off bank statement.

Helpful for finding kiting and lapping.
317

Other Cash Schemes

Theft of checks (bottom or middle of checks).

Checks may be intercepted or payee altered (washing checks).

Forged endorsements
(disappearing ink).

Stolen credit cards.

Refund schemes.

Kickback schemes.
318


A television station’s former accounting director pleaded guilty to stealing more $1.8 million from her employees and spending it on jewelry, paintings, and fur coats.

She would overpay the station’s travel bills and divert the refunds to her own credit card bills and personal accounts.

She was sentenced to 7 ½ years in prison on a single count of theft from CBS affiliate WBBM – TV
Source: AP, “Ex-Accountant at CBS Affiliate Sentenced,” Las Vegas
Sun , November 5, 2003.
319

Accounts Receivable Schemes




320

Lapping


Recording of payment on a customer’s account some time after receipt of payment. Later covered with receipt from another customer (robbing Peter to pay
Paul).
Lapping is more successful where one employee has both custody of cash and record keeping responsibility.
321

322




.

Compare the checks on a sample of deposit slips to the details of the customers’ credits that are listed on the day’s posting to the customer’s account receivables.

Closely monitor aging accounts.
323

Cash Flow for Legitimate Asset-Based Revolving
Line of Credit
Source: John F. Monhemius, CPA and Kevin P. Durkin, CPA,
Detecting Circular Cash Flow, Journal of Accountancy, december 2009, p. 29, www.journalofaccountancy.com
324

Cash Flow in a Circular Flow of Cash Fraud
Scheme
Source: John F. Monhemius, CPA and Kevin P. Durkin, CPA,
Detecting Circular Cash Flow, Journal of Accountancy, december 2009, p. 29, www.journalofaccountancy.com
325

How Non-Cash Assets are
Misappropriated – 2006
Category
Inventory
Information
Securities
%
16.6%
3.6%
1.5%
Median Loss
$55,000
78,000
1,850,000
Source: 2006 Wells Report, ACFE.
326

Inventory Fraud

Stealing inventory/supplies for personal use or for sale at flea markets/garage sales.

Kickback schemes (vendor/supplier and an employee). Sale of unreported inventory at inflated prices.
Audit Steps for Inventory Fraud

Use renumbered inventory tags matched to count sheets; use count procedures for workin-progress items; separate duties between purchasing and logging receipts of shipments



Check for same vendors.
Prices higher than other vendors.
Purchasing agent does not take vacation.




Only photocopies of invoices are available.
Aging of inventory.
Inventory turnover
There is data-mining software.
327

Stealing Diamond Inventory

Farrah Daly was charged with stealing at least 39 diamonds (1 to 3 carats), one at a time over several years from a diamond sorting area.

She and her husband allegedly had friends and others sell the approximately $500,000 worth of diamonds at pawn shops and jewelry stores.
Source: AP, “Ohio Woman Accused of Stealing Diamonds,”
Las Vegas Sun , November 10, 2003.
328











Reducing Bad Debts
Before MCI was acquired by WorldCom, Walter
Paulo a billing manager, had to reduce a $180 million bad debt expense down to $15 million.
Eventually MCI had to write-off $650 million in bad debt.
His schemes:
Allow a customer to sign a promissory note to turn the receivable into a short-term asset.
Redacting invoices.
Developing interpretations to explain why some items are aged so long.
Using questionable codes.
Used unapplied cash to cover.
Arthur Andersen did not audit the smaller bad debt accounts where the questionable accounts occurred (e.g., the third tier).
Paulo said that the AA auditors were young, inexperienced, and fresh out of college .
Source: J.M. Jacka, “An Environment for Fraud,” Internal Auditor , April 2004, pp. 49-52
329

Accounts Payable Fraud Red Flags
1.



Duplicate payments (2% of total purchases)
$80 million times 2% = $1.6 million loss.
Extract only the numerical digits of an invoice number and match on only the numbers portion of the invoice.
Try identifying the dates that are similar such as dates that are less than 14 days.
Try matching on the absolute value of the amount.
2.
Rounded-amount invoices.
3.
Invoices just below approval amounts.
4.
Abnormal invoice volume activity (two invoices one month and 60 the next).
5.
Vendors with sequential invoice numbers.
LC 0002, LC 0003, LC 0004
6.
Above average payments per vendor.
C. Warner and B. G. Dubinsky, “Uncovering Accounts Payable
Fraud,” Fraud Magazine , July/ August 2006, pp. 29-51.
330

Top 10 Financial Red Flags of Insurance Fraud

Visible alteration of documents.

Conflicting dates and/ or information.

Missing pages of documents.

Missing key information.

Significant discrepancies between tax returns and other financial documentation.

Poor financial condition prior to loss.

Business appears to be winding down immediately prior to loss.

Discovery or previously undisclosed financial or business interests.

Expenses continue while not working or operating.

Income and/ or ownership is transferred to family.
D. W. Draz, “Insurance Industry Anti-Fraud Insights,” Fraud
Magazine , July/ August, 2006, p.63.
331

Look For Fraud Symptoms

Source Documents.

Journal Entries.

Accounting Ledgers.
332


Checks.

Employee time cards.

Sales invoices.

Shipping documents.

Expense invoices.

Purchase documents.

Credit card receipts.

Register tapes.
333

Source Documents Fraud Symptoms

Photocopies of missing documents.

Counterfeit/false documents.

Excessive voids/credits.

Second endorsements.

Duplicate payments.

Large numbers of reconciling items.

Older items on bank reconciliations.

Ghost employees.

Lost register tapes.

Lots of round numbers.

Too many beginning 9’s.
334

Journal Entries Fraud Symptoms

Out-of-balance.

Lacking supporting documents.

Unexplained adjustments.

Unusual/numerous entries at end of period.

Written entries in computer environment.

Many round numbers.

Too many beginning 9’s.

Weekend entries.
335

Consideration of Fraud-All Section 316
The characteristics of fraudulent entries or adjustments. Inappropriate journal entries and other adjustments often have certain unique identifying characteristics, including entries
A.
B.
C.
D.
E.
Made to unrelated, unusual, or seldomused accounts;
Made by people who typically do not make journal entries;
Recorded at the end of the period or as post-closing entries that have little or no explanation or description;
Made either before or during the preparation of the financial statements that do not have account numbers; or
Containing round numbers or consistent ending numbers.
336

Round Numbers Red Flag
Areas where rounded number should not be expected:

Amounts on tax returns(T&E).

Inventory Counts.

Regulatory filings.

Accounts receivable balances.

Journal entries.

Any measure presumed to be exact.
Shows Estimation, Approximation, or Fraud. XL Audit
Commander, free, Excel add-on
Http:// ezrstats.com
337



Controls that prevent or detect unauthorized journal entries can reduce the opportunity for the quarterly and annual financial statements to be intentionally misstated.
Such controls might include, among other things, restricting access to the general ledger system, requiring dual authorizations for manual entries, or performing periodic reviews of journal entries to identify unauthorized entries.
As part of obtaining an understanding of the financial reporting process, the auditor should consider how journal entries are recorded in the general ledger and whether the company has controls that would either prevent unauthorized journal entries from being made to the general ledger or directly to the financial statements or detect unauthorized entries. Tests of controls over journal entries could be performed in connection with the testing of journal entries required by AU sec. 316.
338
Source: PCAOB, p. 21.

Unusual Entries
Officer Loan
Cash
Officers Salary
Officer Loan
Staff Salaries
Officers Salary
$40,000
$40,000
$40,000
$40,000
$40,000
$40,000
----------------------------------------
Cost of Goods Sold
Inventory
$35,000
$35,000
[No related sales transaction]
----------------------------------------
Allowance of Bad Debts $32,000
Account Receivables $32,000
----------------------------------------
Expense accounts where no department or person has control

General maintenance account


General transportation account
Stationary/ general office supplies






Scrap disposal accounts
Suspense and cash sweep accounts
Deferred asset or liability
Contra-accounts (bad debt reserve, accumulated depreciation)
Intercompany accounts
Accounts over which a sole, domineering, incompetent, or frequently absent individual has control.
339

Ledger Fraud Symptoms



Underlying assets disagree.
Subsidiary ledger different than general ledger.
Investigate and reconcile differences between control accounts and supporting ledger.
Difference may be concealed fraud.
340

Payroll
Payroll Schemes

Ghost Employee: A person on the payroll who does not work for that company.

False Workers’ Compensation claims: Fake injury to collect disability payments.

Commission schemes: Falsify amount of sales or the commission rate.

Falsify hours and salary:
Exaggerate the time one works or adjusts own salary.
341

Stop Ghost Employees







Ensure that the payroll preparation, disbursement and distribution functions are segregated.
Look for paychecks without deductions for taxes or
Social Security.
Completely fictitious employees frequently don’t have any.
Examine payroll checks that have dual endorsements.
Although most of them are legitimate, two signatures could signal the forgery of a departed employee’s endorsement, which the thief also endorses and deposits into his or her own account.
Use direct deposits. This method, although not foolproof, can cut down on payroll chicanery by eliminating paper paychecks and the possibility of alteration, forgery and most theft, although it doesn’t prevent misdirection of deposits into unauthorized accounts.
Check payroll records for the presence of duplicate names, addresses and Social Security numbers.
On occasion, hand-deliver paychecks to employees and require positive identification. If you have leftover paychecks, make sure they belong to actual employees, not ghosts.
Be wary of budget variations in payroll expense. Higherthan-budgeted labor costs can indicate ghost employees.
Source: J. T. Wells, “Keep Ghosts Off The Payroll,” Journal of Accountancy ,
December 2002.
342

Some Employee Schemes (contd …)
Fictitious Disbursements

Multiple payments to same payee.

Multiple payees for the same product or service.







Inflated invoices.
Shell companies and/or fictitious persons.
Bogus claims (e.g., health care fraud and insurance claims).
Overstate refunds or bogus refunds at cash register.
Many fictitious expense schemes (e.g., meals, mileage, sharing taxi, claiming business expenses never taken).
Duplicate reimbursements.
Overpayment of wages.
343

Some Employee Schemes (contd …)
Other Fraud Schemes

Stealing inventory/scrap.



Stealing property.
Theft of proprietary assets.
Personal use of assets.




Shoplifting.
False down grading of products.
A land flip involves a situation where a company decides to purchase land for a project. A person or group will find the land and buy it under a front name or company. The fraudster then increases the price of the land before selling it to the company.
Money laundering is the use of techniques to take money that comes from one source, hide that source, and make the funds available in another setting so that the funds can be used without incurring legal restrictions or penalties.
344

Some Employee Schemes (contd …)
Other Fraud Schemes (contd …)


A ponzi scheme is a pyramid-type technique where early investors are paid with new money collected from future investors, who lose their investments.
Bid rigging occurs when a vendor is given an unfair advantage in an open competition for a certain contract.
345

Ponzi Scheme
• Fraudulent Investing Scam
• Promises High Return With Little Risk
• Generates Returns For Older Investors By
Acquiring New Investors
• Usually Collapse On Themselves When The
New Investments Stop
Sources: Investopedia http://www.investopedia.com/terms/p/ponzi-scheme.asp
The Original Ponzi Scheme http://white-collar-crime.suite101.com/article.cfm/ponzi_schemes
The Wall Street Journal http://online.wsj.com/article/SB123685693449906551 .
html?mod=djemalertNEWS#project%3DMADOFF-TREE-0902%26articleTabs
%3Dinteractive
346

Pyramid Scheme
•Same As Ponzi Scheme Except Person At The Top
Never In Charge Of All The Money
•Only Get Money From The Investors They Recruit
Sources: Investopedia http://www.investopedia.com/terms/p/ponzi-scheme.asp
The Original Ponzi Scheme http://white-collar-crime.suite101.com/article.cfm/ponzi_schemes
The Wall Street Journal http://online.wsj.com/article/SB123685693449906551 .
html?mod=djemalertNEWS#project%3DMADOFF-TREE-0902%26articleTabs
%3Dinteractive
347

Charles Ponzi
• Raised $1 Million In 3 Hours in 1921
• Accumulated $15 Million Before Caught
• Returned $8 Million Before Trial
• Buy International Postage Reply Coupons
• Converted To American Postage Stamps
• 50% Return In 90 Days
Modern Fraud
• Fraud Incurs In Cycles
• Exploits A New Unaware Generation
• Globalization Of Economy
• Albania Poured $1 Billion Into Pyramids
• 43% GDP
• E-commerce
• E-mails, Websites, More Investors
Sources: Investopedia http://www.investopedia.com/terms/p/ponzi-scheme.asp
The Original Ponzi Scheme http://white-collar-crime.suite101.com/article.cfm/ponzi_schemes
The Wall Street Journal http://online.wsj.com/article/SB123685693449906551 .
html?mod=djemalertNEWS#project%3DMADOFF-TREE-0902%26articleTabs
%3Dinteractive
348

Bernard Madoff
•Stole $64 Billion From Investors
• S&P Fell 38% In 2008
• Madoff ’ s Fund Up 5.6%
•If It Sounds Too Good To Be True
• Use New Investments To Create Appearance Of
Profits
Madoff ’ s Investors Included:
•Larry Silverstein - NYU and Brooklyn Law School
Graduate, Billionaire in Real Estate
•Norman Braman - Philadelphia Eagles Owner
•Fred Wilpon - New York Mets Owner
Carl Shapiro - Founder of Institute for Education and Research at Harvard Medical School
Sources: Investopedia http://www.investopedia.com/terms/p/ponzi-scheme.asp
The Original Ponzi Scheme http://white-collar-crime.suite101.com/article.cfm/ponzi_schemes
The Wall Street Journal http://online.wsj.com/article/SB123685693449906551 .
html?mod=djemalertNEWS#project%3DMADOFF-TREE-0902%26articleTabs
%3Dinteractive
349

Sir Allen Stanford
Ponzi Schemes Still Operate. Sir Allen Stanford is not as well known as Bernard Madoff, who stole as much as $64 billion from investors.
Both, however, are accused of operating a
1921--type ponzi scheme. A ponzi investing scam promises high returns with little risk, and the fraudster pays off older investors with money from new investors. The scam usually collapses when new investments dry up.
Mr. Stanford, a Texas banking billionaire, was accused by the SEC of operating a multi-billiondollar ponzi scheme, defrauding about 30,000 investors of $7 billion. His company had 200 different accounting systems. Mr. Stamford also was making a series of bribe payments to Leroy
King, the top banking regulator in Antigua.
Apparently, Mr. King would conduct fake audits aimed at assuring American regulators and investors that Mr. Stanford’s bank was sound.
Source: AP, “Pyramid Scheme Leader Pleads No Contest,” Las
Vegas Sun , November 8, 2003.
350

Forensic Auditing Steps

Count the Petty Cash Twice in a
Day

Investigate Suppliers (Vendors)

Investigate Customers’ Complaints

Examine Endorsements on
Canceled Checks

Add Up the Accounts Receivable
Subsidiary

Audit General Journal Entries

Match Payroll to Life and Medical
Insurance Deductions
Source: Jack C. Robertson, Fraud Examination for Managers and Auditors , Austin, TX: Viesca Books, 2000, pp. 213-216.
351

Forensic Auditing Steps (contd …)

Match Payroll to Social Security
Numbers

Match Payroll with Addresses

Retrieve Customer’s Checks

Use Marked Coins and Currency

Measure Deposit Lag Time

Document Examination

Inquiry, Ask Questions

Covert Surveillance
Source: Jack C. Robertson, Fraud Examination for Managers and Auditors , Austin, TX: Viesca Books, 2000, pp. 213-216.
352

Vendor Allowances
•
In exchange for better shelf space or advertisement mentioning its products, a merchandise vendor will pay stores an extra fee--an allowance often based upon the amount of products sold.
• Employees at OfficeMax “fabricated supporting documents for approximately 3.3 million in claims billed to a vendor to its retail business.” Six employees were fired, and CEO Christopher Milliken resigned.
• The SEC sued three former executives in December
2004 at Kmart Holding Corp. for their role in a $24 million accounting fraud that booked these allowances early.
•The SEC settled a case in October 2004 with Ahold
NV involving allegations of fraudulent inflation of promotional allowances at U.S. Foodservice, Inc. unit.
Source: David Armstrong, “OfficeMax Results To Be Restated; CEO Steps
Down,”
WSJ, February 15, 2005, p. A-3.
353


Recommended Practices: Creating
Cyber-Forensic Plans for control
Systems.

Forensic Examination of Digital
Evidence: A Guide for Law
Enforcement, U.S. Dept. of Justice.

Cyber-Forensics – Forensic reporting.
354

Computer Forensics Report Template
355

Seven Investigative Techniques
3.
4.
6.
7.
1.
2.
5.
Public document review and background investigation (nonfinancial documents).
Interviews of knowledgeable persons.
Confidential sources.
Laboratory analysis of physical and electronic evidence.
Physical and electronic surveillance.
Undercover operations.
Analysis of financial transactions.
Source: R.A. Nossen, The Detection, Investigation and Prosecution of
Financial Crimes , Thoth Books, 1993
.
356

Investigation Tasks
1) Interviewing, including: a) Neutral third-party witnesses. b) Corroborative witnesses. c) Possible co-conspirators. d) The accused.
2) Evidence collection, including: a) Internal documents, such as i) Personnel files. ii) Internal phone records. iii) Computer files and other electronic devices. iv) E-mail. v) Financial records. vi) Security camera videos. vii) Physical and IT system access records. b) External records, such as i) Public records. ii) Customer/vendor information. iii) Media reports. iv) Information held by third parties. v) Private detective reports.
3) Computer forensic examinations.
4) Evidence analysis, including: a) Review and categorization of information collected. b) Computer-assisted data analysis. c) Development and testing of hypotheses.
Source:
Managing the Business Risk of Fraud: A Practical Guide, IIA, AICPA, ACFE; http://www.acfe.com/documents/managing-business-risk.pdf, 2008, pp. 42-43.
357

Documentation
The forensic accountant needs to track and document the steps in any investigation process, including:
• Items maintained as privileged or confidential.
• Requests for documents, electronic data, and other information.
• Memoranda of interviews conducted.
• Analysis of documents, data, and interviews and conclusions drawn.
Source: Managing the Business Risk of Fraud: A Practical Guide, IIA, AICPA,
ACFE; http://www.acfe.com/documents/managing-business-risk.pdf,
2008, p. 43.
358

Financial Fraud Detection Tools




Interviewing the executives
Analytics
Percentage analysis

Horizontal analysis


Vertical analysis
Ratio analysis
Using checklists to help detect fraud

SAS checklist



Attitudes/Rationalizations checklist
Audit test activities checklist
Miscellaneous fraud indicator checklist
“Objectively obtaining and evaluating evidence is the essence of auditing.”
(AAA, Committee on Basic Auditing Concepts, 1973, 2)
359

Investigative Techniques
Public Document Review

Real and personal property records.

Corporate and partnership records.

Civil and criminal records.

Stock trading activities.

Check vendors.

Laboratory Analysis
Analyzing fingerprints.


Forged signatures.
Fictitious or altered documents.

Mirror imaging or copying hard drives/company servers.

Use clear cellophane bags for paper documents.

Check for indentations (3-D enhancement).
360

Analytical Procedures
Analytical procedures involve the study or comparison of the relationship between two or more measures for the purpose of establishing the reasonableness of each one compared. Five types of analytical procedures help find unusual trends or relationships, errors, or fraud:

Horizontal or Percentage Analysis

Vertical Analysis

Variance Analysis

Ratio Analysis or Benchmarking

Comparison with other operating information
Source: D.L. Crumbley, J.J. O’Shaughnessy, and D.E.
Ziegenfuss, 2002 U.S. Master Auditing Guide ,
Chicago: Commerce Clearing House, 2002, p.
592.
361

Sales v. Net Income
Forensic accountants should compare the trend in sales with the trend in net income.
For example, from 1999 to 2001,
HealthSouth’s net income increased nearly
500%, but revenues grew only 5%. On
March 19, 2003, the SEC said that
HealthSouth faked at least $1.4
billion in profits since 1999 under the auditing eyes of Ernst & Young.
The SEC said that HealthSouth started cooking its numbers in 1986, which Ernst &
Young failed to find over 17 years.
HealthSouth also inflated its cash balances.
362

Beware Inter-company Entries

HealthSouth used PeopleSoft, with at least 2,000 different ledgers.
Suspense Account
Revenue xx xx
Accounts Receivable
Inventory
Property
Suspense Account xx xx xx xxx
Most of the entries were inter-company entries.
During 2005, 2004, and 2003, professional fees associated with the reconstruction of HealthSouth’s financial records and restatement of 2001 and
2002 consolidated financial statements approximated $206.2 million and $70.6
million, respectively.
363

Financial Statement Fraud Audit
3.
4.
5.
6.
1.
2.
7.
8.
Obtain current year’s financial statements.
Obtain prior 3 years’ financial statements.
Perform vertical/ horizontal analysis of the 4 years, plus all current quarters.
Pay attention to footnotes.
Analysis of %s and footnotes by senior auditors.
Nonsense %s and footnotes inquire explanations from financial management.
Interview lower level financial employees who approved questionable journal vouchers.
Combine explanations with visits to accounting records/ source documents.
364

Horizontal Analysis
Suppose advertising in the base year was $100,000 and advertising in the next three years was $120,000,
$140,000, and $180,000. A horizontal comparison expressed as a percentage of the base year amount of $100,000 would appear as follows:
Dollar
Amount
Horizontal
Comparison
Year 4 Year 3 Year 2 Year 1
$180,000 $140,000 $120,000 $100,000
180% 140% 120% 100%
365

Red Flags with Horizontal Analysis




When deferred revenues (on the balance sheet) rise sharply, a company may be having trouble delivering its products as promised.
If either accounts receivable or inventory is rising faster than revenue, the company may not be selling its goods as fast as needed or may be having trouble collecting money from customers.
For example, in 1997 Sunbeam’s revenue grew less than 1% but accounts receivable jumped 23 percent and inventory grew by 40 percent. Six months later in 1998 the company shocked investors by reporting a $43 million loss.
If cash from operations is increasing or decreasing at a different rate than net income, the company may be being manipulated.
Falling reserves for bad debts in relation to account receivables falsely boosts income (cookie jar accounting).
366

More Red Flags








Look for aggressive revenue recognition policies (Qwest Communication, $1.1 billion in 1999-2001). Beware of hockey stick pattern.
Beware of the ever-present nonrecurring charges (e.g., Kodak for at least 12 years).
Check for regular changes to reserves, depreciation, amortization, or comprehensive income policy.
Related-party transactions (e.g., Enron).
Complex financial products (e.g., derivatives).
Unsupported top-side entries (e.g.,
WorldCom).
Under-funded defined pension plans.
Unreasonable management compensation
Source: Scott Green, “Fighting Financial Reporting Fraud,”
Internal Auditor , December 2003, pp. 58-63.
367

Five Statistically Significant Ratios (76%)


Use the ratios for two successive fiscal years.
Convert into indexes for benchmarking.
Day’s Sales in Receivable Index :
(Accounts Receivable t
/ Sales t
)
(Accounts Receivable t-1
/ Sales t-1
)
Index for manipulators: 1.5 to 1
--------------------------------------------------------
Gross Margin Index:
[(Sales t-1
- Cost of Sales t-1
) / Sales t-1
]
[(Sales t
- Cost of Sales t
) / Sales t
]
Index for manipulators = 1.2 to 1
--------------------------------------------------------
Source: M.D. Beneish, “The Detection of Earnings
Manipulation,” Financial Analysts Journal ,
September/October, 1999. t-1 = prior year.
368

Five Statistically Significant Ratios
Asset Quality Index =
1- ( Current Assets t
+ Net Fixed Assets t
Total Assets t
)
1 - ( Current Assets t-1
+ Net Fixed Assets t-1
Total Assets t-1
)
Index for manipulators = 1.25 to 1
-----------------------------------------------------------------
Sales Growth Index : Sales t
/ Sales t-1
Manipulators: 60%
Non manipulators 10%
Source: M.D. Beneish, “The Detection of Earnings
Manipulation,” Financial Analysts Journal ,
September/October, 1999. t-1 = prior year.
369

Five Statistically Significant Ratios (76%)
Total Accruals to Total Assets =
Δ Working Capital t
Payable t
- Δ Cash t
- Δ Current Taxes
- Δ Current Portion of LTD t
- Δ
Accumulated depreciation and amortization t
Total Assets t
TATA for manipulators: .031
TATA for non manipulators: .018
Source: M.D. Beneish, “The Detection of Earnings
Manipulation,” Financial Analysts Journal ,
September/October, 1999. LTD = Long-term debt.
370

A Charles Lundelius Example
Comparison to peer group benchmarks:
Characteristic MPS Peer group peers
DSRI
GMI
1.56
2.00
1.03
1.10
51%
82%
% over
AQI
SGI
TATA
1.23 1.04
18%
1.50
1.20
25%
0.10
0.05
100%
Source: C.R. Lundelius, Financial Reporting Fraud , AICPA, 2003, p.
129.
371

1.
Z-Score Methodology: Bankruptcy
Altman’s Z-Score (Manufacturers)
AZ-Score = 1.2X
1
0.999X
5
Where:
+ 1.4X
2
+ 3.3X
3
+ 0.6X
4
+
X
1
X
2
= Working Capital/Total Assets
= Retained Earnings/Total Assets
X
3
X
4
= EBIT/Total Assets
= Market Value of Equity/Total Liabilities
X
5
= Sales/Total Assets
Above 2.99, indicates sound financial health.
Grey zone, no conclusion can be drawn.
Below 1.81, indicates financial distress.
2.
Altman’s Double Prime Z-Score
(nonmanufacturers)
Change X
4 to Total Shareholders’ Equity
Drop X
5
ADPZ-Score = 6.56X
1
1.05X
4
Above 2.6, strong.
+ 3.26X
2
+ 6.72X
3
+
Grey zone, no conclusion can be drawn.
Below 1.1, weak.
372

3.
4.
Private Company Model
Use book value rather than market value of equity.
PMZ-Score = 0.717X
+ 3.107X
3
+ 0.420X
4
1
+ 0.847X
2
+ 0.998X
5
Above 2.90, safety zone.
Grey zone, no conclusion.
Lower than 1.23, distress zone.
Hillegeist DPM
Gives probability of default.
HZ-Score = 3.835 + 1.13X
1
0.005X
2
+ 0.269X
3
0.033X
5
+
+ 0.399X
4
Where 3.835 is constant.
Higher the score, the better.
–
373

Exercises
1.
In order to determine how risky a particular company is that you are auditing, you prepare these five ratios along with the same ratios of this company’s peers:
Day’s Sales in Receivable Index
Gross Margin Index
Asset Quality Index
Sales Growth Index
Total Accruals to Total Assets
Company
1.51
1.98
1.21
1.53
0.11
Peers
1.05
1.11
1.01
1.19
0.06
What are your thoughts about the risk potential of this company?
2. You are provided the following information about a company for two years (in millions):
Sales
Cost of Sales
Accounts Receivable
2005
$23,000
11,960
4,830
2006
32,000
17,600
10,560
Calculate: a. Days Sales in receivable index.
b. Gross margin index.
c. Sales growth index.
Any thoughts about this company?
374

Excel Spreadsheet
Sherron Watkins discovered the Enron fraud in
2001 when she was again working under Andy
Fastow, CFO. She took a simple inventory, using an
Excel spreadsheet to calculate which of the division’s assets were profitable and which were unprofitable.
She discovered the special purpose entities called Raptors, off-the-books partnerships.
Enron had hidden hundreds of millions of losses by borrowing money from Raptors and promising to pay the loans back with Enron stock. Enron was hedging risks in its left pocket with money from its right pocket.
As the value of Enron stock fell and the losses in the Raptors mounted, Enron had to add more and more stock because Enron had risked
97% of the losses, and Arthur Andersen had agreed to the accounting.
Source: Mimi Swartz and Sherron Watkins, Power Failure ,
New York: Doubleday, 2003, p. 269.
375

Investigative Technique: Videotapes

Average big city resident caught on videotape about 75 times a day. Common in workplaces and stores (USA).

Former Coca-Cola secretary convicted of conspiring to steal and willing to sell confidential
Coca-Cola documents and samples of products that the company was developing to Pepsi.

Coca-Cola security expert testified that surveillance cameras were monitoring Joya
Williams’ movements. The surveillance was a key part of the government’s evidence.

She stole the materials and was attempting to sell for at least $1.5 million.

Deeply in debt, unhappy at job, and seeking a big payday.
Could face 10-years in prison.
Myway, “Video Shows Coke Worker Taking Documents,” January
26, 2007.
376

Fraud Awareness Auditing:
Unrefined Oil
377

Thinking as a Forensic Auditor
The Iceberg Theory of Fraud
Overt Aspects
Hierarchy
Financial Resources
Goals of the Organization
Skills and Abilities of Personnel
Technological State
Performance Measurement
Covert Aspects
Structural
Considerations
Water line
Attitudes
Feelings (Fear, Anger, etc.)
Values
Norms
Interaction
Supportiveness
Behavioral
Considerations
Satisfaction
Source: G.J. Bologna and R.J.
Lindquist, Fraud Auditing and
Forensic Accounting , 2 nd Edition,
New York: John Wiley, 1995, pp. 36-
37
378

Game Theory and Strategic Reasoning Tips
Fraud risk assessment
• Auditors who use long lists of fraud cues and fraud checklists are inaccurate in their fraud-risk assessments.
•
Auditors generally overweight cues indicative of management’s character even though these cues are the most likely cues to be unreliable.
• Audit standards should be designed to persuade auditors to consider how management might manipulate their perceptions of fraud cues.
Audit Planning
• Auditors should develop audit strategies that are unpredictable, especially with regard to the nature of their evidence.
• Audit plans are more predictable and less effective at detecting fraud when auditors use procedures based on prior audits or standard audit programs.
• Audit standards should require auditors to engage in strategic reasoning by considering the types of fraud that management might perpetrate and how these frauds might be concealed from the audit.
• The goal of audit standards should be to encourage auditors to gather new, unusual, or random audit evidence not easily anticipated by management.
Implementation of the audit
• Learning from experience is critical to effectively performing in a strategic setting.
• Auditors are often insensitive to new evidence regarding fraud risk and can more effectively learn from their interactions with the client.
•
Audit standards can improve learning by requiring activities such as documenting and communicating the nature of their interactions with
Techniques to Prevent and Detect Fraud,” Accounting Horizon , September 2004, p. 182.
379

Behavioral Concepts Important
“Not all fraud schemes can effectively be detected using data-driven approaches.
Instances of corruption-bribery, kickbacks, and the like – and collusion consistently involve circumvention of controls.
Searching relevant transaction data for patterns and unexplained relationships often fails to yield results because the information may not be recorded, per se, by the system.
Behavioral concepts and qualitative factors frequently allow the auditor to look beyond the data, both with respect to data that is there and the data that isn’t.”
Source: S. Ramamoorti and S. Curtis, “Procurement Fraud & Data
Analytics, “Journal of Government Financial Management, Winter 2003,
Vol. 52, No. 4, pp. 16-24.
380

Life Styles Important
For someone who earned a salary of just
$1,000 a month , Rana Koleilat managed to live a pretty nice life. She traveled by private jet, took along her servant and hairdresser, and stayed at luxurious locality in London and Paris.
Back home in Beirut, Lebanon, she lived in a three-story penthouse. To anyone who asked how she lived so well, she replied that she had a
“rich uncle.”
Actually, Koleilat helped manage a private bank in Beirut, and thereby hangs a tale.
The chairman of the bank said he lost $1.2 billion, and depositors lost another several hundred million dollars
E.T. Pound, “Following the Old Money Trail,”
U.S. News & World Report , April
4, 2005, p. 30.
381

Be An Investigator
“Because I was an investigator,” he said.
“O.K.,” she said. “Investigators investigate.
That, I can follow. But don’t they stop investigating? I mean, ever? When they know already?”
“Investigator never know,” he said. “They feel, and they guess.”
“I thought they dealt in facts.”
“Not really,” he said. “I mean, eventually they do, I suppose. But ninety-nine percent of the time it’s ninety-nine percent about what you feel . About people. A good investigator is a person with a feel for people.”
Lee Child, Echo Burning , N.Y.: Jove Books, 2001, p. 281.
382

Working Outward to Inward
Secondary
Sources
Human
Resources
Primary
Documents
Primary documents may lie.
If a fraudster is smart, there may be little secondary sources.
Primary documents may have been destroyed.
Source: Houston et al.
, The Investigative Reporter’s Handbook, 4 th edition, Bedford/ St. Martin’s
383

Secondary Sources
•Newspapers
•Broadcast and Cable sources
•Magazines & Newsletters
•Reference books
•Dissertations & Theses
•Books & Libraries
•Databases: Dialog, Lexis Nexis, Dow
Jones Interactive
•Internet
384

Primary Documents
• Primary Documents on Commercial
Databases.
• Government Databases.
• Uniform Commercial Code.
• County tax documents.
• Birth & Death records.
• Depository Libraries.
• National Archives System.
The 3 I’s
• Individual
• Institution
• Issue
385

•Online databases.
•Spreadsheets.
•Database managers.
•Mapping software.
•Statistical software.
386

United States – 876 Cases
Source: 2010 Wells Report, ACFE.

Behavioral Red Flags Present During Fraud Scheme – Sorted by Frequency
23 The sum of percentages in this table exceeds 100 percent because in several cases the perpetrator exhibited more than one behavioral red flag.
Source: 2008 Wells Report, ACFE.

Fraud Identifiers to Spot Fraudsters

Large ego

Substance abuse problems or gambling addiction

Living beyond apparent means

Self-absorption

Hardworking/taking few vacations

Under financial pressure (e.g., heavy borrowings)

Sudden mood changes.
Source: G.E. Moulton, “Profile of a Fraudster,”
Deloitte Touche Tohatsu, www.deloitte.com
, 1994.
389

Red Flags or Fraud Identifiers







Earnings problem: downward trend in earnings
Reduced cash flow: If net income is moving up while cash flow from operations is drifting downward, something may be wrong.
Excessive debt: the amount of stockholders' or owners' equity should significantly exceed the amount of debt.
Overstated inventories (California Micro) and receivables (BDO Seidman): If accounts receivables exceeds 15 percent of annual sales and inventory exceeds 25 percent of cost of goods sold, be careful.
Inventory plugging: Record sales to other chains as if they were retail sales rather than wholesale chains (e.g., Crazy Eddie).
Balancing Act: Inventory, sales, and receivables usually move in tandem because customers do not pay up front if they can avoid it.
CPA Switching: Firms in the midst of financial distress switch auditors more frequently than healthy companies.
390

Red Flags or Fraud Identifiers (contd…)





Hyped Sales: hyped sales by using his ample personal fortune to fund purchases.
Reducing Expenses: Rent-Way reduced the company’s expenses—a reduction of $127 million.
Ebitda: Earnings before interest, taxes, depreciation, and amortization is a popular valuation method for capital-intensive industries.
Off-Balance Sheet Items: Enron had more than 2,500 offshore accounts and around
850 special purpose entities.
Unconsolidated Entities: Enron did not tell
Arthur Andersen that certain limited partnerships did not have enough outside equity and more than $700 million in debt should have been included on Enron’s statements.
391






Creative or Strange Accounts: For their
1997 fiscal year, America Online, Inc. showed $385 million in assets on its balance sheet called deferred subscriber acquisition costs.
Pension Plans
Reserve Estimates
Personal Piggy Bank: Family member owners may use a corporation as a personal piggy bank at the expense of public investors and creditors.
Barter deals: A number of Internet companies used barter transactions
(or non-cash transactions) to increase their revenues.
392

The Sarbanes-Oxley Act of 2002 mandates that CEOs and CFOs certify in periodic reports containing financial statements filed with the SEC the appropriateness of financial statements and disclosures.
--------------------------------------------------------
In March 2005, the SEC said that executives are gatekeepers. Thus, an executive can be in trouble if in a position to detect wrongdoing below them and do not move forcefully to prevent the fraud. It does not matter if the executive has been lied to. An executive has the responsibility to cut through the lies and try to root out the truth.
Carol. J. Loomis, “The SEC Turns the Screws on
Gatekeepers,” Fortune , April 18, 2005, p. 38.
393

CEOs are now being squeezed as a result of SOX by BODs, auditors, and lawyers because these watchdogs are finally facing genuine liability for their failures. These watchdogs are trying to protect their hides.
Arthur Andersen is out of business, and directors at WorldCom and Enron are paying off fraud claims out of their own pockets. Hank Greenberg, former
Chairman and CEO of AIG said that the balance of power in corporate America has shifted.
Diane Brady and Joseph Weber, “The Boss on the Sidelines,”
Business Week, April 25, 2005, p. 88.
394

Significant Variables of
Fraudulent Companies

Percentage of total Board of Directors holdings held by insiders.

Insiders having greater than 50% control of the BOD.

CEO also being chairman of the BOD.

CEO being the company’s founder.

Lack of an audit committee.
SEC Accounting and Auditing Enforcement Releases (1982-1992).
395

Eight of the ten recent scandals had board chairs who were also CEO:
1.
Enron 5. HealthSouth
2.
Adelphia
3.
Tyco
4.
Waste Management
6. Quest
7. Homestore
8. Sunbeam
WorldCom and Global Crossing had different
Chairman and CEO.
--------------------------------------------------------
Aging Board of Directors. “Easier for
Management to get away with misdeeds.”
Enron’s Audit Committee chairman was 72.
“They can be hard of hearing.” Nearly 10% of directors in the S & P’s 500 stock index are
70 or over.
Source: Louis Lavelle, “Directors: Know When to Fold Them, “ Business Week , May 24, 2004, p.14.
396

The Panel on Audit Effectiveness recommended that surprise or unpredictable elements should be incorporated into audit tests, including:

Recounts of inventory and unannounced visits to locations




Interviews of financial and nonfinancial client personnel in different locations
Requests for written confirmations from client employees regarding matters about which they have made representations to the auditors
Tests of accounts not normally performed annually
Tests of accounts traditionally or frequently deemed “low risk”
397

Internal Auditors and Fraud
Detection
The Institute of Internal Auditors’ Due
Professional Care Standard (Section
280) assigns the internal auditor the task of assisting in the control of fraud by examining and evaluating the adequacy and effectiveness of the internal control system.
However, Section 280 says that management has the primary responsibility for the deterrence of fraud, and management is responsible for establishing and maintaining the control systems. In general, internal auditors are more concerned with employee fraud than with management and other external fraud.
398

1.
2.
3.
4.
Notify management or the board when the incidence of significant fraud has been established to a reasonable certainty.
If the results of a fraud investigation indicate that previously undiscovered fraud materially adversely affected previous financial statements, for one or more years, the internal auditor should inform appropriate management and the audit committee of the board of directors of the discovery.
A written report should include all findings, conclusions, recommendations, and corrective actions taken.
A draft of the written report should be submitted to legal counsel for review, especially where the internal auditor chooses to invoke client privilege.
399

The audit committee is the subcommittee of an organization’s board of director’s charged with overseeing the organization’s financial reporting and internal control processes. The audit committee’s biggest responsibility is monitoring the component parts of the audit process.
----------------------------------------------------------------
The board of directors and its representative audit committee should oversee (1) the integrity, quality, transparency, and reliability of the financial reporting process; (2) the adequacy and effectiveness of the internal control structure in preventing, detecting, and correcting material misstatements in the financial statements; and (3) the effectiveness, efficacy, and objectivity of audit functions.
400

Audit Committee Red Flags
• Independence of audit committee from management. Audit committee should report to BODs.
• The clarity with which the audit committee’s responsibilities are articulated, such as in the charter, and how well the audit committee and management understand those responsibilities;
• The audit committee’s interactions and involvement with the independent and internal auditor; and
• Whether the audit committee raises and pursues with management and the independent auditor the appropriate questions, including questions that indicate an understanding of the critical accounting policies and judgmental accounting estimates.
401

Computer Forensics
“Today’s Sergeant Joe Friday does not write in a small notebook in the course of solving crimes; he now reconstructs the data from imaging hard drives.”
Joe Anastasi, The New Forensics , John Wiley & Sons, 2003.
“Corporate criminals don’t always tell the truth.
Their computers usually do.”
Thomas Talleur, KPMG
• “The need for computer forensics has dramatically increased. This represents the use of computer science principles and investigative techniques to obtain digital evidence from computer systems that is admissible in a court of law,” says Bruce
Dubinsky.
• Statistics indicate that 92 percent of new data is created electronically and that 70 percent of this data never migrates to paper. When investigators ignore electronics evidence, it’s analogous to only reviewing three out of 10 boxes containing potentially relevant and discoverable information.
S. Kahan, “Sherlock Holmes Enters Accounting,”
WebCPA, February,
2007.
402

Data Mining Found WorldCom Mess
Auditors should perform all of the analytics themselves, and they must be educated in fraud detection and introduced to data mining techniques.
When the concept of data mining is brought up, audit managers cringe and argue that they cannot afford to employ statisticians.
However, while there is data mining software that requires a statistician’s level of expertise (such as IBM’s
Intelligent Miner), there also are products, such as WizSoft Inc., that can be employed by most auditors who are acquainted with the fundamentals of
Microsoft Office and who are curious as to why they obtained their audit results.
Source: Bob Denker, “Data Mining and the Auditor’s Responsibility,”
Information Systems Audit and Control Association InfoBytes.
403

Technology Knowledge Important

Ruby Sharma, at E&Y, says that computer forensic services, as well as electronic discovery and forensic data analysis, are provided by its legal technology services practice, which currently consists of 52 professionals, around one-fourth of whom are primarily devoted to computer forensics and closely related disciplines.
These computer forensics professionals provide a range of services to clients beyond the traditional identification, preservation and extraction of electronic evidence from digital media, she says. They also provide forensic investigations and analysis of digital media to determine the circumstances surrounding the creation, deletion or modification of specific documents; determine the provenance of documents; locate and recover evidence that has been either intentionally or unintentionally deleted; and determine timelines and event sequences of computer activity that may be of value to the investigation.


Frank Piantidosi, at Deloitte, says that technology is the heart of most financial investigations, and electronic data drives the investigation. He says that this group provides repositories of all the data to the legal teams electronically, rather than through the antiquated system of boxes and boxes of hard copy files.
We have developed technology solution that can quickly find and accumulate data from various sources anywhere in the world, then read the data files using software from India, then store the data using Australian technology for 5 to 10 years.
S. Kahan, “Sherlock Holmes Enters Accounting,” WebCPA , February 11, 2007.
404

Careful of E-mail and Text Messages

40% of large business and 29% of all companies read or analyze outbound e-mails.

51% of U.S. companies have disciplined an employee for violating e-mail policy and 26% have fired someone.

21% investigate blogs or message boards.
Source: Ben Worthen, “Be Careful: Your Boss is Reading,” Wall
Street Online, June 10, 2008.
405

Some Forensic Software
Encase: can recover deleted files, time-stamp data, and identify unauthorized applications.
Disk Investigator (free from Kevin Solway): identify hidden files and deleted files on a disk.
Interactive Data Extraction Analysis (IDEA): import and analyze data (e.g., aging of accounts, file stratification, name searches, review of audit trail log files, using day of week analysis, gap detection, sampling techniques, sorting Benford’s Law Analysis).
Free educator’s version
( www.audimation.com
).
406

Careful of E-mail and Text Messages

Do not put anything in an e-mail or text message that you do not wish to see in the newspaper or on the Internet.

14,000 flirty and sometimes sexually explicit text messages between married Detroit Mayor
Kwame Kilpatrick and his top aide Christine
Beatty reprinted in Detroit Free Press. Found on the city-issued pager of Beatty.

Both denied under oath having a physical relationship.
407

Careful of E-mail and Text Messages (cont.)
“Most investigations begin with a tip from a whistleblower or a suspicion of some sort, which prompts the audit committee of a company's board of directors to call in Vondra and his group. They'll begin with high-level interviews and then move on to requesting and examining e-mails—sometimes as many as one million. He and his team run the emails through programs that search for words and phrases like "illegal," "earnings management," and "manipulate." The programs will call up e-mail strings, which may point the auditors to certain accounting files, which can then be pulled up and scrutinized. ”
Source: http://www.portfolio.com/careers/job-of-the week/2008/03/10/Forensic-Accountant-Al-Vondra#page2
408

Using Technology to Gather
Evidence






Drill-down functionality
Electronic imaging
Benford’s law
Digital Analysis Tests and Statistics
(DATAS)
Data warehousing/mining
Inductive vs. deductive method
409

“ Extensive knowledge and use of technology is an absolute necessity. The ability to go into an electronic image and download information, and to get information from systems that don’t talk to each other. All the accumulated information can then be reviewed for financial improprieties.”
Bert Lacativo, Southlake, Texas
-------------------------------------------------------
“We use off-the-shelf software (IDEA) to import large databases, read different data files, set up queries, and compare database files such as addresses, telephone numbers, and Social
Security numbers. This process will tell us, for example, if a purchase order was done on
Saturday or Sunday when the company isn’t open.”
Cal Klausner, Bethesda, Md.
H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
Accountant , February 2004, pp. 23-28
410

Data Analysis vs. Data Mining Software




ACL, IDEA, and SAS are data analysis (DA) software used to ensure the integrity of data, to program continuous monitoring, and to detect fraudulent transactions.
DA requires a program to be set up and run against the data. The program is written by auditors (i. e., humans) who may be prejudice in the routines that are executed.
Data Mining finds patterns and subtle relationships in data.
Wiz Rule (from WizSoft, Inc.) and
IBM’s Intelligent Miner are data mining software.
Source: Irina Sered, “Software,” kdnuggets.com/news/2001/n24/13i.html.
411

Wiz Rule Data Auditing Tool







Based upon data mining.
Performs complex analysis of data, finding errors, inconsistencies, and situations that require further investigation.
WizRule reveals all the if-then rules, mathematical formula rules, and spelling irregularities.
Divides situations deviating from the rules into data entry errors and suspicious errors.
Can be used in auditing, fraud detection, data scrubbing, and due diligence reviews.
Learning curve is short.
Cost license is $1,395 and yearly maintenance fee is $279.
Source: Irina Sered, “Software,” kdnuggets.com/news/2001/n24/13i.html.
412








413

• Sort
• Compare
• Manipulate
• Sample
• Extract data
• Mathematical testing
• Exception reports
• Aging
414

IDEA’s Forensic Investigations
1.
2.
3.
4.
5.
6.
7.
High number of transactions just below an authorization level.
Usual right offs or returns of merchandise.
High number of partial payments by customers.
Duplicate or missing social security numbers.
Addresses that do not compare with addresses maintained by human resources.
Discrepancies between company policies on hiring contractors and actual contractor hiring patterns.
Recording a large number of repeat invoices from vendors.
415

Computer Assisted Investigation





Online databases.
Spreadsheets.
Database managers.
Mapping software.
Statistical software.
416

Using Data Mining

Match employee addresses against vendor addresses.

Sort vendor list by size to determine the most highly paid suppliers.

Review the structure of vendor names.

Uncover indications of ghost employees (e.g., N.O. Police dept.).

Fraudulent expense reports (even amounts, $6).

Repeated withdrawals of even amounts from petty cash.
417

“
I need you to step away from your computer please ,” Lee Altschuler said.
Morgan Fay’s chief financial officer glanced up from her computer screen. She regarded the man standing at her office doorway for a moment. “Excuse me?” Cindy Shalott asked.
“ We’d like you to please conclude your business for the day .” Lee Altschuler said. “I’d appreciate it if you could complete whatever you’re doing as quickly as you can. Please leave your computer in the way that it is now. Don’t turn it off .”
The chief financial officer swung her desk chair around.
“Just move away from your computer please,” Altschuler repeated.
“Who are you?” Cindy Shalott asked.
Source: Joe Anastasi, The New Forensics , John Wiley & Sons, 2003, p. 91
418

To Legalize Data Mining
1.
Ensure that a working file has been imaged.*
2.
The hash code of the working file is initially the same as the original file.*
3.
Make sure the working data has been cleaned to eliminate obvious errors such as types.
*Otherwise, no guarantee that the data will be accepted in the courtroom.
419






Ink Analysis
Martha Stewart was undone by a blue ballpoint pen.
Stockbroker belatedly inserted a note to help cover up Ms. Stewart’s improper stock trading. Blue ballpoint ink used is different from ink elsewhere on the trading worksheet.
Prosecutors used forensic ink analysis in
Rite Aid case to show that certain documents were backdated (ink used to sign letter was not commercially available until 3 months after the letter was dated).
Xerox laser printers now encode the serial number of each machine in tiny yellow dots in every printout, nestled within the printed words and margins. It tracks back to you like a license plate.
Advice for fraudsters: use pencils.
Source: Mark Maremont, “In Corporate Crimes, Paper Trail
Often Leads to Ink Analysts’ Door,” Wall Street J.
, July 1,
2003, p. A-1.
420

Deductive vs. Inductive


Deductive: one goes from general to specific; fairly simple and economical.
Inductive: one starts with specific experiences and then draws inferences.
Deductive Approach
Generic data mining
Digital analysis
Discovery sampling
Inductive Approach
Custom data mining
Analysis of all data
Generic software Custom software
For smaller organizations For larger organizations
Basic features
Easy to learn
Relatively inexpensive
Sophisticated features
Requires advanced skills
More expensive
Source:
W.S. Albrecht and C.C. Albrecht, “Root Out
Financial Deception,”
Journal of Accountancy (April 2002), p. 33.
421

Benford’s Law


Distribution of initial digits in natural numbers is not random
Predictable patterns:
0= -----
1= 30.1%
2= 17.6%
3= 12.5%
4= 9.7%
5= 7.9%
6= 6.7%
7= 5.8%
8= 5.1%
9= 4.6%
12% 10.2%
11.4% 10.1%
10.9% 10.1%
10.4% 10.1%
10% 10%
9.7% 10%
9.3% 9.9%
9% 9.9%
8.8% 9.9%
8.5% 9.8%
There is software to detect potentially invented numbers in many situations.
Compare actual frequency with Benford’s frequency.
422

Benford’s Law Uses










Investments sales/purchases
Check register.
Sales history/Price history.
401 contributions.
Inventory unit costs.
Expenses accounts.
Wire transfer information.
Life insurance policy values.
Bad debt expenses.
Asset/liability accounts.
Source: Richard Lanza, “Digital Analysis- Real World
Example,” IT Audit, July 1, 1999,pp. 1-9.
423

When Benford Analysis Is or Is Not Likely Useful
When Benford Analysis is Likely Useful
Sets of numbers that result from mathematical combination of numbers-
Result comes from two distributions.
Examples
Accounts receivable (number sold times price). Accounts payable (number bought times price).
Transaction-level data – No need to sample.
Disbursements, sales, expenses.
On large data sets – The more observations, the better.
Full year’s transactions.
Accounts that appear to conform – When the mean of a set of numbers is greater than the median and the skewness is positive.
Most sets of accounting numbers.
When Benford Analysis Is Not Likely
Useful
Examples
Data set is comprised of assigned numbers Check numbers, invoice numbers, zip codes.
Numbers that are influenced by human thought.
Prices set at psychological thresholds ($1.99), ATM withdrawals.
Accounts with a large number of firmspecific numbers.
Accounts with a built in minimum or maximum.
Where no transaction is recorded.
An account specifically set up to record $100 refunds.
Set of assets that must meet a threshold to be recorded.
Thefts, kickbacks, contract rigging.
Source: Durtschi, Hillison, and Pacini, “The Effective Use of Benford’s Law to Assist in
Detecting Fraud in Accounting Data,” J. of Forensic Accounting , Vol. V, 2004, p. 24.
424

Hacking Ring Caught in $9 Million Fraud
ATLANTA - Federal authorities have busted what they call "one of the most sophisticated computer hacking rings in the world" winning indictments against eight people from Russia,
Estonia and Moldova.
The ring allegedly stole more than $9 million in less than 12 hours after hacking into payroll debit card information last November from the
Royal Bank of Scotland Group in Atlanta. After breaking encryption used to protect customer data on payroll debit cards the group allegedly raised the account limits on compromised accounts.
They then provided a network of "cashers" with
44 counterfeit payroll debit cards, which were used to withdraw more than $9 million from over
2,100 ATMs in at least 280 cities worldwide, including the United States. Authorities said the investigation in ongoing.
Source: http://www.msnbc.msn.com/id/33831349/
425

Computer Programmers Aided Madoff
Two former employees for Bernard Madoff programmed an old
IBM computer to generate false records that concealed the crooked financier's massive Ponzi scheme and were given hush money when they threatened to stop lying, federal prosecutors said Friday.
Madoff gave orders to pay the pair "whatever they wanted to keep them happy," a criminal complaint said.
O'Hara and Perez were hired by Madoff's firm in the early 1990s to develop and maintain programs using a computer known as
"House 17." The programs allowed Madoff to generate account statements for thousands of clients "that purported to confirm the purchases of securities that, in fact, had not been purchased," the complaint said.
DiPascali has told investigators that in 2001, Madoff become alarmed by news report that his phony returns were too good to be true. Madoff "attempted to prepare for increased scrutiny" by the SEC by having O'Hara and Perez fabricate a second set of books that would throw regulators off the trail, the complaint said.
In what the SEC called "a crisis of conscience" in 2006, O'Hara and Perez deleted 218 of the 225 special programs from the
House 17 computer, and withdrew thousands of dollars from their own accounts with the firm, authorities said.
Source: Tom Hays, Computer programmers accused of aiding Madoff scam,
Yahoo! Finance, November 13, 2009.
426

Digital Multifunctional Devices (MFD)

The hard drive on your photocopier and the data residing on it, is completely exposed, unprotected, and accessible to anyone with the right tools and know how
(which is not rocket science).

Every day, billions of pages of confidential information
– medical records, legal documents, and financial data
– are produced and distributed using sophisticated digital office systems, such as printers, scanners, copiers, facsimile, and MFD.

Digital copiers store thousands of records in internal memory, and can fall in the wrong hand at the end of a lease. Each time you walk away from the copier, your info remains in the memory.

A forensic accountant/cyber forensic investigator must consider these devices capable of storing data as a potential source of electronic evidence.
Al Marcella, Cyber Forensic II: A Field Manual for Collecting, Examining, and
Preserving Evidence of Computer Crimes, 2 nd , New York: Taylor & Francis
Group.
427

MFD Forensic Audit

Ted decides to sell schematics and blueprints of a new hydraulic press his company is developing to Sally, a vendor’s rep.

In the evening he goes to the company’s photocopier and selects the scan and e-mail options.

In a matter of minutes, he copies, scans, and e-mails the schematics and blueprints, saved as a PDF formatted file to Sally.

He later meets Sally, receives his payment, and agrees to send more information.

When his computer is seized and audited, no incriminating evidence is found.

If there is little or no security over the MFD, then the forensic accountant should forensically audit the hard drives of suspected MFDs.
Al Marcella, Cyber Forensic II: A Field Manual for Collecting, Examining, and
Preserving Evidence of Computer Crimes, 2 nd , New York: Taylor & Francis
Group.
428

Computer Online Forensic Evidence Extractor

Microsoft has a USB thumb drive device
(Cofee) which quickly extracts forensic data from computers that have been used in a crime.

Device contains 150 commands that can dramatically cut the time it takes to gather digital evidence.

More than 2,000 officers in 15 countries have received it free.

Cofee was leaked to the Internet in
November 2009.
Source: Benjamin J. Romans, “Microsoft Device Helps Police
Pluck Evidence from Cyberscene Crime,” Seattle Times , April
29, 2008.
429

Change the Join Property
The following scenarios illustrate the need for auditors to change the default join property to ensure their analysis includes all transactions, even if there are no matches in the master data:

Allen is a database administrator. He is authorized to manage the company’s ERP software and has been granted update access to the application database.
Using his access privileges, he added a shell company to the vendor table . Periodically, he added a record to the table of approved invoices. On the entered due date, the check was prepared and sent to the “vendor’s” (Allen’s) address. When the auditor requested purchasing data,
Allen handled the request. He then used his access privileges to remove the vendor record before sending the data to the auditor

Beth works in accounts payable. Although she is responsible for processing checks, a flaw in her application access permissions has also given her the ability to perform vendor maintenance that, within a certain application, grants her update and delete authority to all vendor data. Recognizing the fraud opportunity of this internal control weakness, Beth created several shell companies to which she periodically processed checks sent to the fictitious vendor’s (Beth’s) address. Before the audit team arrived,
Beth deleted her shell companies.
Source: M.W. Lehman, “Join the Hunt,” J. of Accountancy,
September 2008, p. 47.
430


Analyzing financial data, employee records, and purchasing systems for errors and fraud

Importing Excel, XML, EBCDIC,
CSV, and TSV files into databases

Interactively analyzing network events, web server logs, and system login records

Importing email into relational or text-based databases

Embedding controls and fraud testing routines into production systems
431

Picalo Architecture

Detectlets allow non-programmers to run analysis routines created by others
.
432

Computer Aided Audit Applications
Accounts Receivable Applications












Identify duplicate invoices, credits, or receipts.
Detect variances between delivery documents and invoices.
Report gaps in a sequence of generated invoices.
Identify customer accounts with no address, telephone, or tax ID.
Identify credits to dormant or unused accounts.
Identify duplicate return transactions.
Extract sales with discounts over a specified percentage and summarize by employee.
List the top 10 employees by cash register adjustments (discounts, refunds, sales voids).
Identify employees who produced cash register adjustments a specified percentage more than the average employee.
Summarize refunds by customer credit card number.
Identify refunds for amounts greater than the selling price.
Calculate the number and amount of refunds by sales clerk.
Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
Forensic Accounting, Vol. VIII (2007), pp. 414-415.

Computer Aided Audit Applications (cont.)
Accounts Payable Applications
















Compare vendor addresses/ phone numbers to those of employees.
Identify credits given outside discount terms.
Identify cash discounts not taken.
Identify checks issued to vendors with names that sound similiar to known vendors.
Extract all round dollar payments.
Identify payments to vendors with blank information.
Identify vendors with activity only in one month of the year.
Identify duplicate payments.
Extract duplicate invoices.
Extract invoices with a valid purchase order.
Extract multiple invoices with the same item description.
Identify vendors with duplicate invoice numbers.
Identify invoices for the same amount on the same date.
Identify sequential invoices.
Identify new or non-approved vendors.
Identify vendors with an address that is a mail drop.
Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
Forensic Accounting, Vol. VIII (2007), pp. 414-415.

Computer Aided Audit Applications (cont.)
Materials Management and Inventory Control
Applications







Identify items with below standard gross margins.
Calculate standard pricing variances.
Identify negative receipt quantities.
Identify duplicate items or serial numbers.
Calculate shortages/ overages by ordering and receiving agent and by vendor.
Identify purchase orders with blank or zero amounts.
Identify purchases of consumer items.
Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
Forensic Accounting, Vol. VIII (2007), pp. 414-415.

Computer Aided Audit Applications (cont.)
Payroll Applications





Identify duplicate direct deposit numbers.
Identify duplicate employee names, addresses, and phone numbers.
Identify false, invalid, or duplicate Social
Security numbers.
Identify employees with no deductions.
Identify employees with no time off for vacations or sick leave.
Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
Forensic Accounting, Vol. VIII (2007), pp. 414-415.

Spreadsheet Fraud




Spreadsheets can be excellent tools for committing fraud.
There is little or no security in controlling changes within the worksheets.
Aside from fraud, they are ripe grounds for errors because of their open nature for change.
For examples, see European
Spreadsheet Risks Interest Group: www.eusprig.org/stories.htm
Source: R. B. Lanza, “The Spreadsheet: The Easiest Place for
Committing Financial Statement Fraud,” Fraud Magazine,
July/August 2005, p. 15.
437

Some Spreadsheet Frauds



AIB/Allfirst Trading Fraud – The fraudster substituted links to his private manipulated spreadsheet which exaggerated bonuses by more than half a million dollars.
HealthSouth – Two ex-HealthSouth executives admitted that they prepared a false spreadsheet for auditors that inflated
HealthSouth’s assets and made the company appear to be worth more than it was.
CFX – The Internal Audit Department noted in its investigation that management created spreadsheets showing desired results first and then adjustments were made to the accounting system to match the spreadsheet.
Source: R. B. Lanza, “The Spreadsheet: The Easiest Place for
Committing Financial Statement Fraud,” Fraud Magazine,
July/August 2005, p. 15.
438



Source: R. B. Lanza, “The Spreadsheet: The
Easiest Place for Committing Financial
Statement Fraud,” Fraud Magazine,
July/August 2005, p. 15.
439

The Market Segment Specialization
Program focuses on developing highly trained examiners for a particular market segment. An integral part of the approach used is the development and publication of Audit Technique Guides.
These Guides contain examination techniques, common and unique industry issues, business practices, industry terminology, and other information to assist examiners in performing examinations. A forensic accountant can use this resource to learn about a particular industry.
http://www.irs.gov/business/small/article
/0,id=108149,00.html
440

So You Find Fraud
•
Criminal referral — The organization may refer the problem to law enforcement voluntarily, and, in some situations, it may be required to do so. Law enforcement has access to additional information and resources that may aid the case. Additionally, referrals for criminal prosecution may increase the deterrent effect of the organization’s fraud prevention policy. An appropriate member of senior management, such as the chief legal counsel, should be authorized to make the decision as to whether pursuing criminal prosecution is appropriate.
• Civil action — The organization may wish to pursue its own civil action against the perpetrators to recover funds.
• Disciplinary action — Internal disciplinary action may include termination, suspension (with or without pay), demotion, or warnings.
• Insurance claim — The organization may be able to pursue an insurance claim for some or all of its losses.
Source: Managing the Business Risk of Fraud: A Practical Guide,
IIA, AICPA, ACFE; http://www.acfe.com/documents/managingbusiness-risk.pdf, 2008, pp. 43-45.
441

Acquisition/Payment Cycle
From 62 standard audit procedures , external and internal auditors judged these 20 procedures to be more efficient is detecting fraud in the acquisition and payment cycle (in descending order).
• Examine bank reconciliation and observe whether they are prepared monthly by an employee who is independent of recording cash disbursement or custody of cash.
• Examine the supporting documentation such as vendor’s invoices, purchase orders, and receiving reports before signing of checks by an authorized persons.
• Examine the purchase requisitions, purchase orders, receiving reports, and vendors’ invoices which are attached to the vouchers for existence, propriety, reasonableness and authenticity.
•Examine internal controls to verify the cash disbursement are recorded for goods actually rendered to the company.
•Discuss with personnel and observe the segregation of duties between accounts payable and custody of signed checks for adequacy.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting , Vol. 4, 2003, p. 204-205 442

Acquisition/Payment Cycle (Contd.)
•
Confirm inventories in public warehouse and on consignment.
•Examine internal controls to insure the vendor’s invoices, purchase orders, and receiving reports are matched and approved for payment.
• Examine internal controls for the following documents: vendor’s invoices, receiving reports, purchase orders, and receiving reports.
• Trace a sample of acquisitions transactions by comparing the recorded transactions in the purchase journal with the vendor’s invoices, purchase requisitions, purchase orders, and receiving reports.
• Establish whether any unrecorded vendors’ invoices or unrecorded checks exist.
• Examine the internal control to verify the proper approvals of purchase requisitions and purchase orders.
• Reconciled recorded cash disbursement with disbursements on bank statements.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting , Vol. 4, 2003, p. 204-205
443

•
Discover related party transactions.
• Examine the internal control to verify the approvals of payments on supporting documents at the time that checks are signed.
• Discuss with personnel and observe the procedures of examining the supporting documentation before the signing of checks by an authorized person.
• Examine canceled checks for authorized signatures, proper endorsements, and cancellation by the bank.
• Account for the numerical sequence of prenumbered documents (purchase orders, checks, receiving reports, and vouchers).
• Trace a sample of cash payment transactions.
• Trace resolution of major discrepancy reports.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting , Vol. 4, 2003, p. 204-205
444

Sales/Collection Cycle
These 10 standard audit procedures were judged as being more effective for detecting fraud in the sales and collection cycle (in descending order)
• Observe the proper and appropriate segregation of duties.
• Review monthly bank reconciliation and observe independent reconciliation of bank accounts.
• Investigate the difference between accounts receivable confirmation and customer account receivable balances in the subsidiary ledger and describe all these exceptions, errors, irregularities, and disputes.
• Review sales journal, general ledger, cash receipts journal, accounts receivable subsidiary ledger, and accounts receivable trial balance for large or unusual amounts.
• Verify accounts receivable balance by mailing positive confirmations.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud
Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic
Accounting , Vol. 4, 2003, p. 209 445

Sales/Collection Cycle (Contd.)
•
Examine internal controls to verify that each cash receipts and credit sales transactions are properly recorded in the accounts receivable subsidiary ledger.
• Examine subsequent cash receipts and the credit file on all accounts over 120 days and evaluate whether the receivable are collectible.
• Compare dates of deposits with dates in the cash receipts journal and the prelisting cash receipts.
• Examine copies of invoices for supporting the bills of lading and customers’ orders.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting , Vol. 4, 2003, p. 209
446

Inventory/Warehouse Cycle
These 14 standard audit procedures were judged by external and internal auditors as being more effective for detecting fraud in the inventory and warehousing cycle (in descending order):
• Discover related party transactions.
• Follow up exceptions to make sure they are resolved.
• Review major adjustments for propriety.
• Review inventory count procedures: a. Accounting for items in transit (in and out); b. Comparison of counts with inventory records; and c. Reconciliation of difference between counts and inventory records.
• Review adequacy of physical security for the entire inventory.
• Confirm inventories in public warehouse.
• Review procedures for receiving, inspecting, and storing incoming items and for shipments out of the warehouses.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting , Vol. 4, 2003, p. 206-207
447

Inventory/Warehouse Cycle (Contd.)
•
Trace shipments to sales records, inventory records, and bill of lading (shipping documents).
• Determine if access to inventory area is limited to approval personnel.
• Observe the physical count of all location.
• Recount a sample of client’s counts to make sure the recorded counts are accurate on the tags (also check descriptions and unit of count, such as dozen or gross)
• Trace inventory listed in the schedule to inventory tags and the auditor’s recorded counts for existence, descriptions, and quantity.
• Trace shipments to sales journal.
• Perform compilation tests to insure that inventory listing schedules agrees with the physical inventory counts.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting , Vol. 4, 2003, p. 206-207.
448

Payroll/Personnel Cycle
These 12 standard audit procedures were judged the more effective for detecting fraud in the payroll and personnel cycle (in descending order):
• Sample terminated employees and confirm that they are not included on subsequent payrolls and confirm propriety of termination payments.
• Observe the actual distribution of payroll checks to the employees.
• Observe the duties of employees being performed to insure that separation of duties between personnel, timekeeping, journalizing payroll transactions, posting payroll transactions, and payroll disbursement exists.
• Examine internal controls to verify that hiring, pay rates, payroll deductions, and terminations are authorized by the personnel department.
• Sample personnel files and physically observe the presence of personnel in the work place.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting , Vol. 4, 2003, p. 208.
449

Payroll/Personnel Cycle (Contd.)
• Examine internal control over payroll records to verify that payroll transactions are properly authorized.
• Discover related party transactions.
• Review the files of new hires for appropriate approvals, pay rates, and dates of accession.
• Review the payroll journal, general ledger, and employee individual pay records for large or unusual amounts.
• Examine internal controls to verify that unclaimed payroll checks are secured in a vault or safe with restricted access.
• Examine internal controls to verify that employee time cards and job order work tickets are reconciled.
•Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting , Vol. 4, 2003, p. 208.
450

Herling, D.J., and J. Turner, “Fraud: Effective Use of Legal Remedies for
Corruption,” 9 th International Anti-Corruption Conference , October 13, 1999.
PowerPoint presentation slide 56. http:// www.transparency.org/iacc/9 th _iacc/papers/day3/ws1/dnld/d3ws1_djherling.ppt
451

1.
2.
3.
4.
5.
You receive a tip on the company’s hot line that there has been some fraud in the collections area. What five audit steps would you suggest using in order to find the fraud?
During a brainstorming session, a suggestion is made that the most likelihood of fraud in a particular division is in the area of acquisition and payment cycle. Outline five audit steps to help find any potential fraud.
While auditing a company you notice an employee in payroll who is living beyond his means (e.g., clothes, automobiles, housing). His wife does not work. Suggest six audit steps to help satisfy you there is no fraud in the payroll and personnel cycle.
An anonymous e-mail is sent to an internal auditor that there is fraud in the inventory/ warehousing cycle. Suggest some appropriate audit steps.
What is meant by the hockey stick pattern?
452

453

454

455