Week 1 – Intro to Forensic Accounting and Internal Audit, The Forensic Accounting Legal
Environment
What is Fraud?
It is an intentional deception that causes its victims to suffer an economic loss and/or
the perpetrator to realize a gain
A simple working definition of fraud is theft by deception
Fraud has to be intentional (fraud vs. error)
o E.g. white collar crimes are difficult to prove because you do not see the action
and therefore can’t determine if an error was made or if it was intentional fraud
Major Categories of Fraud
Asset misappropriation
Corruption and abuse
Financial statement fraud
Other fraudulent statements
Who Commits Fraud and Why?
Trust violators
Fraud perpetrator profile:
o Male
o Well educated
o Middle age to retired
o Accountant, upper management, or executive
o With the company for 5 or more years
o Acts alone
o Never charged or convicted of a criminal offense in the past
Forensic Accounting
Forensic accounting is the application of investigative and analytical skills for the
purpose of resolving financial issues in a manner that meets standards required by
courts of law
It is broader than fraud examination
Includes services related to the purchases of business, valuation of divorce assets,
determination of the dollar value of damages to business property, dispute resolution,
and sale of lost profits
Forensic accountants apply special skills in accounting, auditing, finance, qualitative
methods, certain areas of the law, research, and investigative skills to collect, analyse,
and evaluate evidential matter and to interpret and communicate findings
Fraud Examination vs Forensic Accounting
Fraud examination is a branch of forensic accounting that focuses on fraud
investigations
Forensic accounting can be classified into two categories
o Investigative services
Frequent focus on fraud investigation
May or may not lead to courtroom testimony
Services in which those knowledgeable in accounting detect, prevent, and
control fraud, defalcation, and misrepresentation
o Litigation services
Can include areas such as mediation, arbitration, business valuation, and
expert testimony
Recognize the role of the accountant as an expert, consultant, and other
roles
Services offered to resolve valuation issues
Comparative Analysis: Accountant, Auditors, and Forensic Accountant
The Forensic Accounting Profession
Need minimum level of knowledge in the following areas
o Auditing skills
o Investigative skills
o Criminology
o Accounting knowledge
o Legal knowledge
o IT knowledge and skills
o Communication skills
Opportunities in forensic accounting
o Fraud prevention and investigation, litigation support, computer forensics
Forensic accounting organizations
o Association of Certified Fraud Examiners
o The American College of Forensic Examiners
o The Association of Certified Fraud Specialists
o The National Association of Certified Valuation Analysts
o The National Litigation Support Services Association
o The Institute of Business Appraisers
o The American Institute of Certified Public Accountants
o Association of Certified Forensic Investigators of Canada
Careers in Forensic Accounting
Employer – Positions
Various companies/organizations – Internal auditor; Compliance officer
CPA/consulting firms – External auditor; Valuation analyst; Expert witness; Consulting expert; Fraud investigator
Insurance companies – Claims examiner; Fraud investigator
Ontario Securities Commission – Financial analyst; Examiner
CRA – Tax examiner; Criminal investigator
Government – Auditor; Forensic investigator
Mindset of the Forensic Accountant
Both researcher and problem solver
Intellectually curious
Instinct to explore challenging problems
Willing to question their own pre-existing judgement and conclusions
Embrace systemic thinking
Should not rush to judgement
Forensic Accounting Skills
Critical thinking
o Rational
o Skeptical
o Reasonable
o Well-informed
o Open minded
o Self-aware
o Persistent
Reasoning
o Problem-solving skill that involves drawing inferences or conclusions from known
or assumed facts
o Deductive reasoning – reasoning from the general to the specific, or from the
premises to a logically valid conclusion
o Inductive reasoning – draws conclusions from patterns
Communication
o Strong communication skills, both written and oral
o Written reports must be clear, concise but comprehensive, and grammatically
correct with a professional tone
o Must be able to relate findings in a simple, professional, and convincing manner
o Failure is often caused by body language, voice tone, and words
Forensic Accounting Practice Components
Categories of Forensic Accounting Services
Investigative services
o A systematic inquiry, search, or research to obtain facts regarding a specific or
general concern or concerns
o Include all forensic accounting engagements that do not involve actual or
threatened litigation
o Generally related to corporate investigations
Initiated for the purpose of protecting the organization and its assets
from internal or external threats
o Fraud detection
Actual discovery of fraud
Includes a variety of techniques
Auditors cannot be relied on to detect fraud
o Fraud examination
Conducted after a crime has been committed
Primary focus is to investigate the allegations
o Fraud deterrence
Proactive strategies to prevent fraud
Includes both short-term and long-term initiatives
Short-term – evaluation of hiring practices, internal controls, and
performance monitoring
Long-term – address issues such as organizational culture and the
tone set by top management
o Other
Whistleblower complaints and financial viability concerns
Whistleblower complaint is a disclosure by a person of
wrongdoing within the organization
Financial viability investigations include short- or long-term
assessments of financial and managerial sustainability
Litigation services
o Provided in connection with actual, pending, or potential legal or regulatory
proceedings
o Broad categories
Expert witness services
All evidence in trial is presented by a witness
Fact witnesses and expert witnesses
Consulting services
Forensic accountant may also be engaged by an attorney as a
consulting expert
Overview of the Legal Environment (Ch 2 page 15)
The forensic accountant constantly works in the legal environment and for this reason
must have a broad, basic understanding of the legal systems
Civil and criminal procedures are especially important to the forensic accountant
because they define the logical steps that are followed in investigations and criminal and
civil litigation, and forensic accountants can be called to participate in almost all of the
major steps
Criminal cases
o Involve possible violation of some criminal statute
o Involve special constitutional rights for defendant
o High burden of proof – judge must be convinced that defendant is guilty beyond
a reasonable doubt
o Private/government attorney representing one party in a dispute that involves
monetary or equitable relief
Civil case
o No constitutional rights and low burden of proof
o Prosecutor represents the people
Common-Law Financial Crimes
Larceny – intentionally and permanently converting another’s property to an individual’s
own use or possession
Burglary – unlawfully entering any building or structure with the intent of committing a
crime
Conspiracy – two or more people agree to commit a crime with common intent and
then act on that intent
Embezzlement – must first have lawful possession
Fraud – false pretenses
Robbery – force or threat of force in presence of victim
Extortion – threat of future force
Arson
Solicitation
Aiding and abetting
Week 2 – Accounting Information Systems and Internal Control
Business Processes
To work effectively, all accountants, including forensic accountants, must be familiar
with accounting information systems
o AIS – complicated systems that keep records, produce financial reports, and
automatically make programmed management decisions
A business process is a set of coordinated activities and tasks that accomplish some
organizational goal
o They are reviewed to identify what could go wrong (internal control to prevent
risk)
Typically work with AIS in pieces because of complexity
o Generally ineffective to divide AIS into pieces along the lines of a company’s
organizational chart
o Generally, more useful to divide the AIS into various interrelated business
processes
There is no one right way to divide a company’s AIS into component business processes.
One traditional approach is to divide the major operational activities into four
transaction cycles:
o Revenue – begins with a customer order and ends with the receipt of customer
payments
o Expenditures – begins with purchase requisition and ends with payment to
vendor
o Production – begins with production requisition and ends with finished goods
being sent to customer
o Finance – begins with collection of cash from customer and ends with payments
for the goods sold
Revenues, Receivable, and Receipts Process: Typical Activities
Receiving and processing customer orders
Delivering goods and services to customers
Billing customers and accounting for receivables
Collecting and depositing cash
Reconciling bank accounts
Process: Customer orders → credit granting → warehousing → shipping and delivery → bill
customers → collections
Purchases, Payments, and Payables Process: Typical Activities
Purchasing goods and services
Paying the bills
Process: Request for purchases → receive goods and services → receive vendor invoice →
enter accounts payable → cash disbursement
Payroll Cycle: Typical Activities
Personnel management and the payroll accounting process include transactions that
affect the wage and salary account and a number of related accounts:
o Personnel and labour relations – hiring and firing
o Supervision – approval of work time
o Timekeeping and cost accounting – payroll preparation and cost accounting
o Payroll accounting – cheque preparation and related payroll reports
o Payroll distribution – actual custody and distribution to employees
Process: Personnel hiring/firing → compensation determination → supervision,
attendance, and work → payroll accounting → payroll distribution → cash
disbursement
Internal Control
Internal control is a process effected by management, the board of directors, and other
personnel that is designed to minimize risk exposures to an acceptable level given the
company’s objectives
Risk exposures include events that can adversely affect the company, such as asset
losses due to theft or spoilage, accounting errors and their consequences, revenue
losses, expense overruns, business interruptions, fraud and embezzlement, fines and
penalties, civil liabilities, and losses of competitive advantage
The general rule is that internal controls must provide a reasonable assurance that they
will achieve their objectives. They must reflect a balance between the benefits of
reducing risk exposure versus the costs of implementing the controls
Must be designed within the context of management's enterprise risk management
system
o Involves weighing various opportunities against related risks, and managing the
opportunities and risks in a way that is consistent with management's objectives
and risk preferences
Objectives and Components of Internal Control
General objective – reduce risk exposure to an acceptable level
Specific objectives include the following
o Ensuring the integrity and reliability of the financial reports
o Ensuring compliance with applicable laws, regulations, professional rules, and
contractual obligations
o Promoting strategic, tactical, and operational efficiency and effectiveness
Achieving the objectives requires a broad, encompassing view of internal control that
requires not only specific policies and procedures but also a control-conscious corporate
culture and right type of leadership from the CEO, CFO, and BoD
Management vs The Auditor
It is management's responsibility to establish and maintain internal controls
o Good internal controls reduce the likelihood of errors and frauds
The auditor assists management in their responsibility by reviewing the internal controls
and informing them of any weaknesses
Management's Objectives
Cost-effective
Reliable control systems for accounting and operating data
Safeguard assets and records
Promote operational efficiency
Encourage adherence
Prevent and detect error, fraud, or illegal acts
Components of Internal Control
1. Control Environment
o Tone at the top
o Represents the overall atmosphere in which employees operate
o Actions, policies, and procedures that reflect the overall attitudes of top
management, directors, and owners of an entity about controls
o The essence of an effectively controlled organization lies in the attitude of its
management
o Control environment factors are assessed as part of the knowledge of business
and are used to develop the client risk profile
o Components of control environment
Management philosophy and operating style – management sets tone at
the top
Ethics and the corporate culture – ethics director and code of conduct,
whistleblower system, audit corporate culture
Clearly assigned employee responsibilities – employee charge and
discharge. Employees are charged with responsibilities and accountability
Effective and independent audit committee
Effective and independent internal audit – ensure compliance with all
internal control processes. Report to BoD but not CEO, CFO, or top
management
Effective HR policies and procedures – exercises in hiring, assessment of
responsibilities, training, supervision, and vacations
Risk assessment and management
2. Management's Risk Assessment
o Management needs to
Identify risks
Estimate significance
Assess likelihood of occurrence
Develop action plans to reduce the risk to an acceptable level
o Management must
Identify its opportunities and objectives
Define the risks for those opportunities and objectives
Design internal control processes to manage identified risks
3. Control Activities
o The policies and procedures that help ensure that management directives are
carried out
o Occurs at all levels of the organization
o Adequate segregation of duties (authorization, custody, and recordkeeping)
Golden rule: the accounting staff should never have temporary control
over operational resources and should only maintain information systems
Separation of
Custody of assets from accounting
Operational responsibility from recording or data entry of
transactions
Systems development or acquisition and maintenance from
accounting
Computer operations from programming and accounting
Reconciliation from data entry
o Adequate documents and records
Accounting system must record all financial transactions, and the record
must include an audit trail
o Controlled access to assets and records
Safeguarding of assets
Only access with management's authorization
Requires adequate physical and procedural controls
o Independent accountability checks/independent check of performance and
review of performance
Periodic checks of assets and liabilities
o Approval and authorization
Approval – grants management's acceptance of a transaction that has
already been authorized
Authorization – grants management's permission for the initiation of a
transaction
4. Information and Communication
o Information primarily relates to the accounting system
o Communication relates to the flows of information through the organization
o The accounting system should be well documented, beginning with a clearly
defined chart of accounts and a system of special journals and subsidiary ledgers
as needed
o All transactions should be processed on a consistent basis
o All forms (paper or electronic) should be clear and simple to minimize input
errors, and double checks should be in place to detect input or processing errors
o All transactions and relevant activities should be properly recorded with proper
audit trails
5. Monitoring
o The process must be continually monitored and updated as needed
o Internal control monitoring is part of the general corporate governance structure
and involves the CEO, CFO, CIO, corporate legal counsel, internal auditors, and
members of the audit committee
All of these individuals should periodically review reports on the
functioning of the internal control process
o Both external and internal audits involve monitoring the internal control
processes to assess their reliability and effectiveness
This is normally accomplished by various analytical tools that include
reviews of documents, questionnaires, interviews, review of the accounts
and transaction data, and tests of compliance
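The segregation-of-duties separations listed under Control Activities above can be tested mechanically against role assignments and against the record of who actually performed each step of a transaction. The following is an added example, not part of the original notes; the duty labels, role names, user names, and log entries are all constructed for illustration, and "recordkeeping" is assumed to stand for the accounting function.

```python
from collections import defaultdict
from itertools import combinations

# Incompatible duty pairs taken from the separations in the notes.
# Duty labels are assumptions made for this example.
CONFLICTS = {
    frozenset({"custody", "recordkeeping"}): "custody of assets vs accounting",
    frozenset({"operations", "data_entry"}): "operational responsibility vs data entry",
    frozenset({"systems_dev", "recordkeeping"}): "systems development vs accounting",
    frozenset({"computer_ops", "programming"}): "computer operations vs programming",
    frozenset({"computer_ops", "recordkeeping"}): "computer operations vs accounting",
    frozenset({"reconciliation", "data_entry"}): "reconciliation vs data entry",
    frozenset({"authorization", "custody"}): "authorization vs custody",
    frozenset({"authorization", "recordkeeping"}): "authorization vs recordkeeping",
}

def _violations(duties):
    """Yield the rule text for every incompatible pair inside one duty set."""
    for pair in combinations(sorted(duties), 2):
        rule = CONFLICTS.get(frozenset(pair))
        if rule:
            yield rule

def static_conflicts(user_roles, role_duties):
    """Design-time check: users whose combined roles grant incompatible duties."""
    findings = []
    for user, roles in user_roles.items():
        held = set()
        for role in roles:
            held |= role_duties.get(role, set())
        findings.extend((user, rule) for rule in _violations(held))
    return sorted(findings)

def transaction_conflicts(log):
    """Run-time check: one person performing incompatible steps on the same
    transaction, which also surfaces overrides the role design does not show."""
    performed = defaultdict(set)  # (transaction, user) -> duties performed
    for txn, duty, user in log:
        performed[(txn, user)].add(duty)
    findings = []
    for (txn, user), duties in performed.items():
        findings.extend((txn, user, rule) for rule in _violations(duties))
    return sorted(findings)

# Constructed sample data (hypothetical roles and users).
ROLE_DUTIES = {
    "ap_clerk": {"data_entry", "recordkeeping"},
    "cashier": {"custody"},
    "purchasing_manager": {"authorization", "operations"},
    "treasury_analyst": {"reconciliation"},
    "it_operator": {"computer_ops"},
    "developer": {"programming", "systems_dev"},
}
USER_ROLES = {
    "alice": ["ap_clerk"],
    "bob": ["cashier", "ap_clerk"],
    "carol": ["purchasing_manager"],
    "dave": ["treasury_analyst", "ap_clerk"],
    "erin": ["it_operator", "developer"],
}
# Constructed transaction log: (transaction id, duty performed, user).
LOG = [
    ("PO-1001", "authorization", "carol"),
    ("PO-1001", "recordkeeping", "alice"),
    ("PO-1001", "custody", "bob"),
    ("PO-1002", "authorization", "carol"),
    ("PO-1002", "recordkeeping", "carol"),  # manager also booked the entry
    ("PO-1002", "custody", "bob"),
    ("PO-1003", "data_entry", "alice"),
    ("PO-1003", "reconciliation", "alice"),  # clerk reconciled own entries
]

if __name__ == "__main__":
    for finding in static_conflicts(USER_ROLES, ROLE_DUTIES):
        print("role design:", finding)
    for finding in transaction_conflicts(LOG):
        print("transaction:", finding)
```

The second check matters because a clean role design does not prove the duties were kept apart in practice: carol and alice hold no conflicting roles, yet each appears in the transaction findings.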
Limitations of Internal Controls
People make mistakes (accidental or deliberate)
o Effectiveness depends upon the competency and dependability of individuals or
systems executing the controls
Most internal controls can be overridden by management or there could be collusion
o So, there is no such thing as 100% internal control
Internal controls provide reasonable, but not absolute, assurance that there are no errors
or fraud
Transaction Processing Controls
Controls that are relevant to implementing good internal control processes within
specific transaction cycles
o General controls – pertain to the overall environment and apply to all
transactions
The general plan of organization for data processing should include
segregation of duties so that data processing is segregated from other
organizational functions
General operating procedures include good documentation, training, and
systems for the prevention, detection, and correction of internal control
violations
Hardware control policies and procedures limit exposures to hardware
problems
General access controls for data and hardware prevent unauthorized
changes to critical data
o Application controls – apply to specific applications, processes, and transactions
Generally classified as input, processing, and output controls
These controls ensure the accuracy, integrity, and security of the
processes of collecting input data, processing input data, and distributing
processed data
Accuracy means that data are free from errors
Input controls – no errors are made in capturing the transaction
Processing controls – no errors are made in processing
Output controls – no errors exist in reports and other outputs
Integrity means that the data remain intact in that nothing is added to or
removed from the transaction data as they pass through the system
Input controls – integrity means that only authorized transactions
are captured, and that no unauthorized data are added or
removed
Processing controls – no data are added or lost during processing
Output – outputs are not modified in any way before reaching
final destination
Security means that only authorized persons are granted access to the
system
Input controls – security helps ensure that only authorized
employees are permitted to enter transactions into the system
Processing controls – helps ensure that only authorized persons
are able to effect processing
Output – helps ensure that only authorized persons have access
to reports and other outputs
Week 3 – Internal Audit
New Definition of Internal Auditing
Found in the IA Charter S.1000
Internal auditing is an independent, objective assurance and consulting activity designed
to add value and improve an organization’s operations. It helps an organization
accomplish its objectives by bringing a systematic, disciplined approach to evaluate
and improve the effectiveness of risk management, control, and governance processes
Key elements of definition:
o Independence – the freedom from conditions that threaten objectivity or the
appearance of objectivity
o Objectivity – an unbiased mental attitude that allows internal auditors to
perform engagements in such a manner that they have an honest belief in their
work product and that no significant quality compromises are made
o Assurance
o Consulting
o Adding value – value is provided by improving opportunities to achieve
organization objectives, identifying operational improvement and/or reducing
risk exposure through assurance and consulting
o Risk management – process conducted by management to understand and deal
with uncertainties
o Control – process conducted by management to mitigate risks to acceptable
levels
o Governance processes – conducted by the BoD to authorize, direct, and oversee
management toward the achievement of organizational objectives
o Helping organization accomplish its objectives:
Strategic objectives – value creation choices management makes on
behalf of stakeholders
Operations objectives – effectiveness and efficiency of operations
Reporting objectives – reliability of internal and external reporting
Compliance objectives – adherence to applicable laws and regulations
What is Risk?
The uncertainty of an event occurring that could have an impact on the achievement of
objectives
It is measured in terms of consequences and likelihood
Risk Management Process
Establish the context
Identify risks
Analyze risks
Rank risks
Take action
Monitor and review
Audit Committee – Corporate Governance
Committee of persons with specialized knowledge
Oversee executive management, external audit, and internal audit
Should:
o Consist of a majority of non-executive directors
o Meet regularly; minimum of four times a year
o Not be chaired by the chief executive
o Approves audit plans and receives audit reports
Recommended by all Corporate Governance studies
Modern Internal Audit
Modern internal auditing is a service to management. It supports management by
identifying where the organization is most vulnerable and how governance and control
can be strengthened
Assurance services
o Value for money audits
o Financial and internal control audits
o Compliance reviews
o Forensic and fraud investigations and special reviews
Advisory and assistance services
o Risk assessment and control reviews
o Advice on governance, controllership, accountability and sound business
practices
o Training and education on risk and control
Information management and technology services
o Specialized audit
o Risk assessment and advisory services in IM and IT projects including new
systems under development
o Systems and IT project management
o Information and infrastructure security and IT operations
Value of Internal Audit
Objective assurance on governance, risk management and control processes to achieve
organizational goals
Insight on effectiveness and efficiency of governance, risk, and control processes with
recommendations for improvements
Independent source of objective advice
Why Have Internal Audit?
Cornerstone of strong governance
Bridges the gap between management and the board
Assesses the ethical climate and the efficiency and effectiveness of operations
Serves as an organization’s safety net for compliance with rules, regulations, and overall
best practices
Professionalism in IA
Independence
Competent and motivated staff
Good procedures and documentation
Quality assurance mechanisms, including supervision and internal and external reviews
Key Attributes for Internal Audit
Integrity
Passion
Work ethic
Curiosity
Creativity
Initiative
Flexibility
The Institute of Internal Auditors
IIA provides guidance to the profession in the form of a professional practices
framework which includes:
o A code of ethics and standards
o Practice advisories
o Development and practice aids
Independence
Independence is the cornerstone
Independence demonstrates that the profession and its opinion are credible
Concept is enshrined in Code of Ethics as well as the CPA handbook
Seven Ps of independence
o Position and reporting lines
o Planning profile and unrestricted access to all aspects of the organization
o Performance standards
o Professional staff (no conflicts of interest from previous positions or
engagements)
o Presentation of findings without fear
o Persistence (follow up until properly addressed)
o Proficient reconciliation of assurance and consulting ideas
Internal Audit
Separate from normal operations
A staff (personnel) function
o No line authority
o Recommend not instruct/implement
Objective due to distance from operations
Reporting to a high enough level to maintain independence
Developing Observations and Formulating Recommendations
After completing the testing, gathering the evidence needed, evaluating the evidence,
and reaching conclusions, the final step for the internal auditor to complete is to
develop the observations and formulate recommendations
Condition
o What is (facts – what was found)
Criteria
o What should be (standards, measures, expectations)
Cause
o Why condition exists (what allowed it to happen)
Effect
o Risk inherent in the condition (what could or did go wrong)
Recommendation
o IA’s recommendation to management (must address/fix the issue)
IA’s Responsibilities for Detecting Fraud
IA’s primary responsibilities regarding fraud are in the areas of prevention and reporting
Section 1120.A2 of the IIA Auditing Standards states:
o The internal auditor should have sufficient knowledge to identify the indicators
of fraud but is not expected to have the expertise of a person whose primary
responsibility is detecting fraud
Sufficient knowledge of fraud indicators
Be alert to opportunities – control weaknesses
Evaluate indicators that fraud has been committed and decide on further action
Notify appropriate authorities
What Should IA’s Consider?
What fraud risks are being monitored
What specific procedures does the IA function perform to address management
override
What competencies/skills does IA need to address risk and fraud of the organization
How IA should devote attention to preventative, detective, and investigative aspects of
fraud
Main Steps in a Fraud Investigation
Conduct reviews
Select audit procedures to obtain appropriate evidence
Obtain and evaluate evidence
Determine the potential loss
Identify the specific cause or deficiency
Prepare a report
Week 4 – Audit
What is an Audit?
Auditing is the accumulation and evaluation of evidence about information to determine
and report on the degree of correspondence between the information and established
criteria
Auditing is done by a competent, independent person
Auditing vs accounting
o Accounting – process of recording, classifying, and summarizing economic events
in a manner that helps decision makers make decisions based on financial data
o Auditing – process that determines whether the financial data that has been
recorded, classified, and summarized are reliable. Involves examining accounting
information
Need for FS Audits
Conflict of interest (bias or motives)
o User vs preparer
Consequences of error
o Significance of decisions of user
Complexity and volume of data
o Subject matter, data conversion issues
Remoteness of information
o Used from subject matter and preparer
Users of Financial Statements
Investors
Bank
Creditors and suppliers
Employees
Tax authorities
Customers
External Audit vs Internal Audit
Appointed by – External audit: shareholders for statutory audit; Internal audit: directors
Reporting to – External audit: shareholders for statutory audit; Internal audit: directors
What they check – External audit: annual FS for statutory audit; Internal audit: determined/approved by directors
Legal requirement – External audit: yes, for statutory; Internal audit: typically, no
Independence – External audit: must be independent; Internal audit: ideally should be, but not always
Acceptance of an Audit – Considerations
Is the auditor competent?
Is the auditor independent?
Management integrity?
Management Assertions and Audit Objectives
The practical audit objectives are to obtain and evaluate evidence about assertions
made by management in financial statements
Five principal assertions:
1. Existence or occurrence
o Pertains to whether the assets/liabilities listed on the balance sheet exist
and whether the transactions reported in the FS occurred during the
period covered
o Establish with evidence that:
Assets, liabilities, and equities actually exist
Revenue and expense transactions actually occurred as of a
proper date
Cut-off considerations to existence (no transactions from the next
period should be recorded at the statement date)
2. Completeness
o Addresses whether all assets, liabilities, and operational items are
included in the company’s FS
o Establish with evidence that all transactions and accounts that should be
presented in the financial reports are actually included
No items belonging to the FS have been missed
Cut-off considerations
3. Rights and Obligations
o Establish with evidence that amounts reported as assets of the company
represent property rights and the amounts reported as liabilities
represent obligations
o Indicates that the company has a right to use the assets shown and an
obligation to pay the liabilities listed
4. Valuation
o Determine whether proper values have been assigned to assets,
liabilities, equities, revenues, and expenses
o Addresses the correctness of amounts in the FS
5. Presentation and Disclosure
o Determine whether the accounting principles are properly selected and
applied and whether disclosures are adequate
o Implicitly states that the components of the F/S are properly combined,
described, and disclosed
Assertions by category:
Transaction related – Occurrence; Completeness; Accuracy; Cut-off; Classification
Balance related – Existence; Rights and obligations; Completeness; Valuation and allocation
Presentation & disclosure related – Occurrence; Rights and obligations; Completeness; Classification; Accuracy and valuation
Sufficient Appropriate Audit Evidence in Auditing
Standards require auditors to obtain sufficient appropriate audit evidence
Sufficiency refers to quantity
Appropriate refers to reliability of the evidence
General Audit Procedures – Types of Evidence
Recalculation (reperformance)
o Performing independent calculations or recalculating the clients’ calculations
Computation produces highly reliable mathematical evidence
Computation addresses accuracy regarding valuation and allocation
o Provides evidence on how well the task was originally performed
Observation
o Looking at the application of policy or procedures by others
o Reliable evidence as to performance at the time of observation
o Produces a general awareness of events
o Observing the client counting inventory for example
o Best used when employee/client is not aware that they are being observed
Confirmation
o Consists of written enquiry to 3rd party to verify accounting records
o Confirmation with independent parties is used widely for a variety of
transactions and balances
E.g., confirm a/r balances
o Confirmation can produce evidence regarding existence, ownership, and
accuracy regarding valuation and allocation and cut-off
o From highest to lowest reliability:
Positive ‘in blank’
Positive
Negative
Enquiry
o Involves the collection of oral evidence from the client and independent third
parties
o Evidence from enquiry requires corroboration
o Evidence from enquiry is important in understanding the client’s business
o Audit standards now put more reliance on enquiry as a means to understanding
strategy, risks, and controls
Documentation/Inspection
o Looking at records, or documents (invoices, shipping documents, board of
director minutes)
o Reliable evidence for existence
o Documents can be prepared by independent outside parties as either formal
authoritative or ordinary documents
Physical inspection (examination)
o Inspecting assets (petty cash, equipment)
o Reliable evidence for existence, support valuation
Analytic Procedures
o Compare current year to prior year
o Compare current year to budget
o Evaluate current year balances against other current year balances
o Compare financial ratios to industry standards
o Study relationship of balances and non-financial information
o Required at the planning and completion stage
Reliability of Evidence
High
o Auditor’s direct, personal knowledge:
Gained through observation and recalculation
Most reliable evidence
o External evidence
Documentary evidence that is obtained directly from independent
sources
Very reliable
Medium
o External-internal evidence
Documentary evidence that originates outside the client’s system, but
that has been received and processed by the client
This is reliable evidence although circumstances of internal control are
important
o Observation
Done by auditor
Point in time and client is aware that auditor is observing them
Low
o Internal evidence
Evidence that is produced within the client’s system
Low reliability, but used extensively under satisfactory internal control
conditions
Plentiful and easy to obtain, less costly than other evidence
o Analysis
Broad analytical procedures of general nature are not considered highly
reliable
Used for preliminary risk identification and attention directing early in the
audit
Analysis using specific data the auditor has verified produces evidence
that is fairly reliable
o Spoken and written representations
Evidence that comes from the client’s officers, directors, management,
and employees in response to enquiry
Generally considered the weakest form of evidence
Representations should be corroborated with other types of
evidence
Fraud Risk Assessment
Employee fraud – fraudulently taking money or other property from an employer
(misappropriation of assets)
Fraudulent financial reporting – type of fraud perpetrated by management through
exploitation of its authority (financial statement fraud)
CAS 240 – The External Auditor’s Responsibilities Relating to Fraud in an Audit of FS
The auditor has an active responsibility to determine the likelihood that fraud might
exist and needs to adjust audit procedures when fraud risk factors exist
Fraud risk factors
o Incentive
The pressure to commit fraud
FS Fraud – common incentive is decline in earnings
MA – an individual with financial problems
o Opportunity
The perception of being able to commit the fraud and remain undetected
Perception is key – must believe it will remain undetected
FS Fraud – risk increases if lots of judgement and estimates
MA – lack of internal controls or ability to circumvent internal controls
o Rationalization
To provide a morally acceptable excuse to justify why the crime is not
really a crime
Example – Nick Leeson (rogue trader that brought down Barings Bank)
I don’t think of myself as a criminal. I didn’t steal any money
It never entered my mind that Barings would fold as a result
As stupid as it may sound, none of this is really real money
It’s not as if you had cash sitting in front of you
o Capability
Fraud Warning Signals
Managers have lied to the auditors or have been overly evasive (attitude)
The auditor’s experience with management indicates a degree of dishonesty (attitude)
Management places undue emphasis on meeting earnings projections (incentive and
attitude)
Frequent disputes with auditors (attitude)
The client has engaged in opinion shopping (attitude)
Management’s attitude toward financial reporting is unduly aggressive (attitude)
Weak control environment (opportunity)
Management compensation depends on meeting quantified targets (incentive)
Management displays significant disrespect for regulatory bodies (attitude)
Management operating and financial decisions are dominated by a single person or a
few persons acting in concert (opportunity)
Client managers display a hostile attitude toward the auditors (attitude)
Key Step CAS 240 – Professional Skepticism
Questioning mind
Critical assessment of audit evidence
Possibility of fraud may be present despite past experiences and auditor’s beliefs of
integrity
Key step – Develop Revised Audit Plan
Increase your testing (pick larger sample sizes)
Increase your professional skepticism
Alter the timing of your audit procedures (more of a surprise basis)
Obtain more reliable evidence
Communicate the existence of fraud
o Report to level where effective action can be taken
o Material weaknesses – report to audit committee
o Financial statement fraud – report to audit committee
o Illegal acts
Document audit procedures
Week 5 – Financial Statement Fraud
Defining Financial Statement Fraud
Any undisclosed intentional or grossly negligent violation of GAAP that materially affects
the information in any financial statements
Falsification, alteration, or manipulation of material financial records, supporting
documents, or business transactions
Material intentional omission or misrepresentation of events, transactions, accounts,
or other significant information from which financial statements are prepared
Deliberate misapplication of accounting principles, policies, and procedures used to
measure, recognize, report, and disclose economic events and business transactions
Intentional omissions of disclosures, or presentation of inadequate disclosures, regarding
accounting principles and policies and related financial amounts
Fraud in Financial Statements
Pressure on upper management to show earnings
Subjective nature of the way books and records are kept
Three general questions that go to the heart of these crimes
o Who commits FS fraud?
o Why do people commit FS fraud?
o How do people commit FS fraud?
Who Commits Financial Statement Fraud?
Senior management
Mid and lower-level employees
Organized criminals
Why Do People Commit Financial Statement Fraud?
Senior managers and business owners may ‘cook the books’ for several reasons
o To conceal true business performance
o To preserve personal status/control
o To maintain personal income/wealth
How Do People Commit Financial Statement Fraud?
Three general ways in which fraudulent financial statements can be produced:
1. Playing the accounting system
2. Beating the accounting system
3. Going outside the accounting system
Commonly starts with the first method and progressively incorporates the other two
FSF Overview
Various general areas for FSF schemes
o Improper revenue recognition
o Overstatement of assets (other than A/R related to revenue fraud)
o Understatement of expenses/liabilities
o Misappropriation of assets
o Inappropriate disclosure
o Other miscellaneous techniques
About half of all FSFs involve overstating revenues/assets
Revenue Schemes
Sham sales – recording fictitious sales; includes falsified sales, inventory, and shipping
records
Premature revenue recognition – record sales after receiving orders but before shipping
goods
Recognition of conditional sales – record sales for transactions that are not complete
because of unresolved contingencies
Abuse of cut-off date of sales – keep books open after closing date and include next
period sales in current year
Misstatement of percentage of completion – overstate percentage that projects are
complete and therefore overstate revenue
Unauthorized shipments or channel stuffing – company has relationship with customer
in which it automatically ships goods according to estimate of demand. The company
(seller) takes advantage and ships too many goods toward the end of the period.
Consignment sales – records consignment sale shipments as regular sales
Schemes Involving Overstating Assets
Inventories – miscounting ending inventory on hand. Most common because no
fraudulent transactions are made
A/R – overstated by understating allowances for bad debts or falsifying accounts
balances
PPE – depreciation is not taken when it should be, or PPE is simply overstated. A
corresponding overstatement is made to revenue
Other overstatements – these involve other accounts such as loans/notes receivables,
cash, investments
Schemes Involving Improper Accounting Treatment
Recording an asset at market value or some other incorrect value rather than cost
Failing to charge property depreciation or amortization against income
Capitalizing an asset when it should be expensed
Improperly recording transfers of goods from related companies as sales
Not recording liabilities to keep them off the balance sheet
Omitting contingent liabilities from the financial statements
Other Schemes
Fictitious and fraudulent transactions – recording sham transactions and legitimate
transactions improperly
Fraudulent transaction processing – intentionally misprocessing transaction to produce
fraudulent account balances
o Example: accounting software is modified to incorrectly total sales and A/R so
that all the transactions in the account are real, but the total is overstated
Direct falsification of financial statements – producing false financial statements when
management ignores account balances
Characteristics of Financial Statement Fraud
Tends to involve misstatement/misappropriation of assets that is a substantial portion
of total assets
The median amount of the fraud is approx. 25% of the median total assets
Most frauds span multiple fiscal periods with the average fraud time being approx. 2
years
The majority of fraud involves overstating revenues by recording them fictitiously or
prematurely
o Common for misstatements to occur near the end of the fiscal year or quarter
FSF is much more likely to occur in companies whose assets are less than $100 million
FSF is much more likely to occur in companies with decreased earnings, earnings
problems, or a downward trend in earnings
Either the CFO or CEO is involved
In many cases, the BoD has no audit committee or one that seldom meets, or none of
the audit committee members has the required skills to perform as intended
The members of the board are frequently dominated by insiders or by those with
financial ties to the company
Auditor changes occurred about one fourth of the time in and around the time of fraud
Motives for FSF
Poor income performance – make I/S look better
Impaired ability to acquire capital – poor results can impair company’s ability to raise
capital through financing and other offerings
Product marketing – hide financial problems to keep buyers, who tend to shy away from
companies that are having financial problems
General business opportunities – make company look better and increase access to
business opportunities
Compliance with bond covenants – hide inability to meet various covenants
Generic greed – way to get ahead, keep their positions, increase salaries/other
management benefits, and meet terms of incentive-based contracts
Prevention of FSF
Minimize FSF by promoting strong corporate governance and organizational oversight
through the oversight of the following 6 organizational groups:
o BoD – must have competent, experienced members who actively participate in
the company’s governance process
o Audit committee – consist of board members w/ knowledge and experience in
accounts and its systems
o Management – CEO and CFO must be actively involved in all major aspects of
internal control process development
o Internal auditor – report directly to audit committee. Serve as independent
check on top management and to ensure quality internal control processes and
compliance
o External auditor – independent of company in fact and appearance
o Public oversight bodies – set standards for auditors
Indications of Possible FSF
Lack of independence (between management, internal auditors, and external auditors),
competence, oversight, or diligence
Weak internal control process
Management style – excessive pressure to perform, excessive focus on short term
performance, excessively authoritarian style, poor strategic and operational planning,
excessive risk taking
Personnel-related practices – high turnover, hiring unqualified employees,
inexperienced top management, inadequate compensation, low employee morale
Accounting practices – loss of records, PY restatement, weak audit trails, late reports,
late/unusual adjustments, weak/poor accounting system
Company’s financial condition – declining NI, CF, Revenues, increase in leverage, tax
problems, inadequate liquidity
Industry environment and conditions – volatility, one-product company in a declining
industry
Management “Red Flags”
Weak internal controls; management override of controls
Management decisions dominated by an individual
Management places great emphasis on earnings
Management engages in frequent disputes with auditors
Ineffective monitoring of management
High turnover of management in key roles
Accounting personnel are inexperienced
Unusually rapid growth or profitability
Consistently late reporting information
Complex transactions or organization structures
Undue reliance on significant estimates and judgement
Tolerance of petty wrongdoings
Significant and unusual related-party transactions
Significant volume of manual journal entries and adjustments
Governance Regarding Fraud
Strong governance provides the foundation for an effective fraud risk management
program
Board ownership of agendas and info flow
Access to multiple layers of management and effective control of a whistleblower
hotline
A code of conduct for senior management
Strong emphasis on the board’s own independent effectiveness and process through
board evaluations, active participation in oversight
Effective senior management team, evaluations, performance management,
compensation, etc.
Detection of Fraudulent Financial Statement Schemes
Financial statement analysis
o Vertical analysis (percentage analysis) – analyze relationships between items on
income statement, balance sheet, or statement of cash flows
o Horizontal analysis (percentage analysis) – analyze percentage change in
individual financial statement items from one year to the next
o Ratio analysis – measure relationship between 2 different financial statement
amounts
Deterrence of Financial Statement Fraud
More complex than deterring asset misappropriation and other frauds
83% of financial statement frauds involved CEO or CFO
Executives use their authority to override most internal controls
Reduce Pressure to Commit Financial Statement Fraud
Establish effective board oversight of the “tone at the top” created by management
Avoid setting unachievable or unreasonable goals
Avoid applying excessive pressure on employees to achieve goals
Change goals if changed market conditions require it
Ensure compensation systems are fair and do not create too much incentive to commit
fraud
Discourage excessive external expectations of future corporate performance
Remove operational obstacles blocking effective performance
Reduce the Opportunity to Commit Financial Statement Fraud
Maintain accurate and complete internal accounting records
Carefully monitor business transactions and interpersonal relationships between
financial units
Establish a physical security system to secure company assets
Divide important functions among employees
Encourage strong supervisory and leadership relationships to enforce accounting
procedures
Establish clear and uniform accounting procedures with no exception clauses
Reduce Rationalization of Financial Statement Fraud
Promote strong values throughout the organization
Clearly define prohibited behaviour
Provide regular training to all employees communicating prohibited behaviour
Have confidential advice and reporting mechanisms
Communicate that integrity takes priority over goals
Ensure management practices what it preaches
The consequences of violating the rules and punishment of violators should be clearly
communicated
Management Discretion
With respect to accounting discretion, its legitimate use does not violate any ethics
guidelines although some individuals complain about its use and would like it eliminated
Managers also make use of economic discretion
Earnings Management
Management’s routine use of nonfraudulent accounting and economic discretion
Earnings Manipulation
Can refer either to the legitimate or aggressive use, or fraudulent abuse, of discretion
Can be legitimate, marginally ethical, unethical, or illegal, depending on its extent
Earnings Smoothing
The manipulation of earnings to reduce their volatility
This means using manipulation to increase earnings in years when they are weak and to
lower them in years when they are strong
It’s very well known that investors prefer steadily increasing earnings that consistently
meet or exceed financial analyst expectations
This stems from the general economic principle that investors are risk averse
In financial terms, risk aversion is associated with earnings volatility
Cookie Jar Accounting
Types of earnings management and manipulation
The practice treats the balance sheet as a cookie jar: in good years, the company stores
cookies (reserves) in the cookie jar (the balance sheet) so that it can take them out and
eat them (place them on the income statement) when management is hungry (needs
extra income to look good)
Big Bath Accounting
When a company makes a large one-time write off, it is said to take a big bath to improve
future earnings
Many companies take a big bath (often in the form of restructuring or inventory write-
downs) when earnings performance is already poor
Cases of FSF and Manipulation
The Great Salad Oil Swindle – auditor checked tanks of oil and they ‘passed’ the test, but
they were actually filled with mostly water and a thin layer of oil on the top
Equity Funding: They Made a Movie About It – created and sold a large number of fake
insurance policies at their present value and misreported it on the FS
Cendant Corporation: Manufacturing Revenues – $500 million in fictitious revenue
Zzzz Best: The Teenager Who Fooled Wall Street – $200 million public company that was
just a pyramid scheme
Sunbeam Corp: Channel Stuffing – related to $1.5 million in bbq grills
Nortel: The Ultimate Big Bath – $18.4 billion in charges for restructuring costs, bad
customer debts, and obsolete inventory
WorldCom: Boosting Earnings in a Big Way – capitalized billions of dollars in costs that
should have been expensed
Enron: Lessons in Creative Accounting
Week 6 – Employee, Vendor, and Other Frauds Against the Organization
What is Fraud and Who Commits It?
Fraud is any intentional act or omission designed to deceive others, resulting in the
victim suffering a loss and or the perpetrator achieving a gain
Who commits it?
o Last one you would expect
o Doesn’t recognize harm to victims
o Living beyond means
o Gambling/questionable companions
o Extended illness in family
Fraud Statistics
Most frauds are committed by employees that have more than three years with the
company, and more than 60% are male
Most costly frauds involve long-term employees in management positions
The Fraud Problem
Organizations in the US lose hundreds of billions of dollars per year to fraud
Many believe that most frauds against organizations are never reported to law
enforcement authorities to avoid negative publicity and legal liability
Many companies actually consider employee or vendor theft as a cost of doing business
Law enforcement is likely to choose not to pursue an embezzlement case involving only a
few hundred or even thousand dollars
The majority of frauds are identified through tips from:
o Employees (26.3%)
o Customers (8.6%)
o Vendors (5.1%)
o Anonymous (7.7%)
The next largest sources for detecting fraud are
o By accident (18.8%)
o Internal audit (18.6%)
Internal controls accounted for 15.4%
11.5% of frauds were discovered through external audits
Who Commits Frauds
The fraud triangle helps to explain who commits fraud
o Pressure – usually related to financial pressure such as large medical bills,
gambling problems, drug habits, and extravagant living
o Opportunity – required to commit fraud
o Rationalization – likely depends on the type of criminal and the criminal’s
personality type or possible personality disorder
Motivation/Pressures
o Personal pressure – lifestyle and vices, dissatisfaction
o Employment pressure – contingent compensation structures, management has a
financial interest
o External pressure – threats to financial stability of business, financer covenant,
market expectations
Opportunity
o People think they won’t get caught
o Large cash amounts
o High value, high demand, small size inventory or capital items
o Lack of segregation of duties
o Blind trust from company
o Knowledge of control weaknesses, by-pass controls
o Lack of corporate governance
Rationalization/Attitudes
o Individual culture
Personal value systems and beliefs
Everybody does it
The company owes me
I’m not hurting anyone
I intend on paying it back
o Corporate culture
Business principles
Tone at the top
Lack of education and awareness
Response to fraud incidents: tolerance of petty fraud
Management override of controls
Alienation of employees
Poor employee compensation – employees could steal to make up for
what they think the company owes them
Excessive pressure to perform – this can generate hostility toward the
company, providing rationalizations for employees to cheat customers,
vendors, and the company itself and to violate health and safety laws and
regulations
Hostile work environment – this situation can generate animosity toward
the company, which can be rationalization to commit fraud
Corporate financial troubles – financial disorder tends to produce general
chaos within the company, leading to a wide range of problems including
employee dishonesty
o Fundamentally dishonest employee without a personality disorder –
rationalization comes easily because the person is accustomed to dishonesty
o Fundamentally dishonest employee with a personality disorder – one with an
antisocial personality disorder is often able to steal without giving much
conscious thought to rationalizations
o Normally honest employee who will steal given pressure and opportunity – a
person who does not normally steal is likely to give serious thought to
rationalizing the theft. One common rationalization is that the person is only
borrowing
Fraud Occurs When
There is an absence of controls rather than loose controls
Management role models are corrupt, inefficient, or weak
Employees are poorly managed, abused, or under stress
Indicators of Potential Fraud
Controls being held by a few individuals, lack of segregation of duties
Unexplained significant variances of certain accounts
Late reporting
Unexplained shortage in physical assets
Staff not taking vacations or not rotating duties
Characteristics of a White-Collar Fraudster
Above-average intelligence
Relatively well educated, inclined to take risk
36–45-year-old white male
Commits fraud against own employer
Works in collusion with another offender
Employed by the company for more than 10 years
Holds a senior management position
Works in finance or accounting
Lacks feelings of anxiety and empathy
Feels a lack of control over circumstances
Revenue Cycle Fraud
Cash collection fraud
Basic sales skimming – employee does not record the sale and pockets the cash
o Can be detected and discouraged through ‘customer audit’. Gives rewards to
customers who report transactions without proper sales receipts
o Use of cash registers that display the amounts and only open when a sale is
being entered
o Two employees should never share the same cash register
Advanced sales skimming – employee collects money from the customer, does not
record a sale, and gives customer a forged receipt. Can also occur when employee
makes off-the-books deals with customer
o Prevent by prenumbering sales forms
Checks swapped for cash – employee removes cash from the register and replaces it
with fake cheques
o One way to control is to use an electric cash box that is integrated with an
automated check approval system
Cash box robbery – if the employer does not reconcile sales and collections for the cash
box at the end of each shift, the cashier could be robbing the till
Shortchange sales – cashier pockets the amount that is shortchanged
o Minimized by having video surveillance and by having strict cash-handling
procedures
Mail room theft – cash theft in the mail room
o Solved by having two employees open the mail together and then preparing
separate cash remittances
Cash Processing Fraud *overlaps revenue cycle fraud
Cash stolen in transmission
o Either the person giving up the cash or the person receiving it can steal some of
it
o Prevent this by making both the receiver and giver count the cash, agree on the
cash, and then sign a transmittal memo that can be used to identify shortages
Lapping of A/R – when A/R clerks steal incoming payments and hide the theft by
manipulating the customer account records
o Segregation of duties – a/r clerk should not have access to incoming payments
Short bank deposits
o Detected by reconciling bank deposit slips
Noncustodial theft of money
o Check tampering – altering stolen customer checks
o Check washing – remove payee names, dates, and amounts providing blank
cheques
o Check laundering
A/R Frauds
Fraudulent credit approvals – dishonest employees could intentionally engage in
fraudulent credit approval by granting credit accounts to fictitious customers
Improper credits – a/r clerks could make improper credits to friends’ accounts
o Prevented by requiring support documentation
Improper write-offs – employees also could make improper write-offs to friends’
accounts instead of sending the accounts to collection
o Prevented by requiring independent authorization for write-offs
Expenditure Cycle Frauds
Improper purchases and payments
Unauthorized purchases
o Prevented by implementing a voucher system and getting an independent
department to match the charges and receipts
Fraudulent purchases to related parties
Misappropriation of petty cash
Abuse of company credit cards or expense accounts
Unauthorized payments
Theft of company checks
Fraudulent returns
Theft of inventory and other assets
Payroll fraud
o Improper hiring
o Improper changes to employee personnel files for pay raises
o Improper work-related reporting
The Audit Processes in Detecting and Preventing Employee Fraud
Audit trail – most important element in detecting fraud
Chain of custody – part of audit trail
Authorizations and approvals – also part of audit trail
The internal audit helps ensure that the audit trail is generated
Physical security and monitoring
Fraud reporting hotlines, training, and education
Vendor Frauds
Short shipments – a company is susceptible to paying for goods not received if it does
not count its incoming shipments and match the counts against purchase orders and
vendors’ invoices
Balance due billing – some vendors send their customers statements that show only the
balance due. Companies whose vendors bill this way are at high risk for being overbilled
Substandard goods – vendors can ship substandard goods if the receiving company does
not have a method of receiving and inspecting goods
Fraudulent cost-plus billing
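The short-shipment control described above is a three-way match of purchase order, receiving count, and vendor invoice. The following Python code is an added example, not part of the original notes; the record layouts, field names, and sample data are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample data (not from the notes).
PURCHASE_ORDERS = [
    {"po": "PO-1001", "item": "WIDGET", "qty": 100, "unit_price": Decimal("4.00")},
    {"po": "PO-1002", "item": "GASKET", "qty": 50, "unit_price": Decimal("2.50")},
    {"po": "PO-1003", "item": "BOLT", "qty": 500, "unit_price": Decimal("0.10")},
]
RECEIVING_REPORTS = [  # what the receiving dock actually counted
    {"po": "PO-1001", "item": "WIDGET", "qty_counted": 100},
    {"po": "PO-1002", "item": "GASKET", "qty_counted": 30},
    {"po": "PO-1002", "item": "GASKET", "qty_counted": 10},  # second partial delivery
    # nothing was received against PO-1003
]
VENDOR_INVOICES = [
    {"invoice": "INV-1", "po": "PO-1001", "item": "WIDGET", "qty": 100, "amount": Decimal("400.00")},
    {"invoice": "INV-2", "po": "PO-1002", "item": "GASKET", "qty": 50, "amount": Decimal("125.00")},
    {"invoice": "INV-3", "po": "PO-1003", "item": "BOLT", "qty": 500, "amount": Decimal("50.00")},
    {"invoice": "INV-4", "po": "PO-9999", "item": "WIDGET", "qty": 10, "amount": Decimal("40.00")},
    {"invoice": "INV-5", "po": "PO-1001", "item": "WIDGET", "qty": 100, "amount": Decimal("400.00")},
]


def three_way_match(purchase_orders, receiving_reports, invoices):
    """Return one exception for every invoice line that should not be paid in full."""
    ordered = {(p["po"], p["item"]): p for p in purchase_orders}

    # Total the dock counts per PO line; deliveries may arrive in several parts.
    received = defaultdict(int)
    for r in receiving_reports:
        received[(r["po"], r["item"])] += r["qty_counted"]

    billed = defaultdict(int)  # units already accepted for payment per PO line
    exceptions = []
    for inv in invoices:
        key = (inv["po"], inv["item"])
        po = ordered.get(key)
        if po is None:
            # Invoice refers to goods nobody ordered.
            exceptions.append({"invoice": inv["invoice"], "reason": "NO_PURCHASE_ORDER",
                               "short_qty": inv["qty"], "exposure": inv["amount"]})
            continue
        # Only units that were ordered AND counted AND not yet billed are payable.
        payable = max(0, min(po["qty"], received[key]) - billed[key])
        short = inv["qty"] - payable
        if short > 0:
            exceptions.append({"invoice": inv["invoice"], "reason": "BILLED_NOT_RECEIVED",
                               "short_qty": short,
                               "exposure": short * po["unit_price"]})
        billed[key] += min(inv["qty"], payable)
    return exceptions


if __name__ == "__main__":
    for exc in three_way_match(PURCHASE_ORDERS, RECEIVING_REPORTS, VENDOR_INVOICES):
        print(exc)
```

Because billed quantities are tracked cumulatively, a second invoice for a delivery that has already been paid (INV-5 in the sample) is flagged the same way as a short shipment.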
Employee Fraud Methods in Electronic AIS
Input manipulation
o Abuse of access privileges
o Unauthorized access
Direct file alteration – bypass normal access software
Program alteration – requires access and technical skill
Data theft – hard to detect and prove
Sabotage – typically by disgruntled employees
External Fraud
Unauthorized activity, theft, or fraud carried out by a third party outside the institution
that is the subject of the fraudulent behaviour
Source of external fraud
o Customers
o Vendors
o Unrelated third parties
Threats from Customers
Fraud schemes unique to every industry
Universally applicable
o Cheque fraud
Prevention and detection: educate employees on how to spot a
fraudulent cheque, request identification from person using cheque,
adopt a no personal cheque policy
o Credit card fraud
The misuse of a credit card to make purchases without authorization, or
counterfeiting a credit card
Unauthorized use of a lost or stolen card
Prevention and detection:
Educate employees responsible for processing customer
payments
Ask for ID from all credit card users
Learn the red flags of customers using a fraudulent card
o Customer purchases a large item and insists on taking it at
the time
o Customer becomes argumentative or appears to be rushed
o Customer pulls card directly from pocket rather than from
a wallet
o A customer purchases several expensive items on a newly
valid card
o A customer claims to have forgotten or lost his
identification when asked for it by a cashier
Threats from Vendors
Collusion among contractors
o Complementary bids – competitors submit token bids that are too high to be
accepted
o Bid rotation – two or more contractors conspire to alternate the business
between them on a rotating basis
o Phantom bids – phony bids from shell companies to create the illusion of
competition
Prevention and detection:
o Vendor audits
o Ensure integrity of contractors
o Look for red flags of unscrupulous vendors
Contractor’s address, telephone number, or bank account info matches
that of an employee
Contractor’s address is incomplete
Excessive number of change orders
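The vendor red flags listed above can be tested by comparing the vendor master file against the employee master file. The following Python code is an added example, not part of the original notes; the field names, sample records, the rule used for an "incomplete" address, and the change-order threshold of 5 are all assumptions.

```python
import re

# Constructed sample master files (not from the notes).
EMPLOYEES = [
    {"id": "E17", "address": "12 Elm Street, Apt. 4, Springfield",
     "phone": "(555) 010-2000", "bank_account": "001-23456-7"},
    {"id": "E42", "address": "9 Oak Ave, Springfield",
     "phone": "555-010-3000", "bank_account": "009-88888-1"},
]
VENDORS = [
    {"id": "V1", "address": "400 Industrial Rd, Springfield",
     "phone": "555-010-9000", "bank_account": "770-11111-2", "change_orders": 1},
    {"id": "V2", "address": "12 ELM ST APT 4 SPRINGFIELD",
     "phone": "555-010-7777", "bank_account": "770-22222-3", "change_orders": 0},
    {"id": "V3", "address": "77 Harbour Blvd, Springfield",
     "phone": "+1 555 010 3000", "bank_account": "0098 8888 1", "change_orders": 2},
    {"id": "V4", "address": "Springfield",
     "phone": "555-010-4444", "bank_account": "770-33333-4", "change_orders": 9},
]

# Common spellings collapsed so "Street" and "ST" compare equal.
SUFFIXES = {"STREET": "ST", "AVENUE": "AVE", "ROAD": "RD",
            "BOULEVARD": "BLVD", "APARTMENT": "APT", "SUITE": "STE"}


def norm_address(addr):
    """Upper-case, drop punctuation, and abbreviate street suffixes."""
    tokens = re.sub(r"[^A-Z0-9 ]", " ", addr.upper()).split()
    return " ".join(SUFFIXES.get(t, t) for t in tokens)


def norm_phone(phone):
    """Keep digits only and compare on the last 10 (ignores country code)."""
    return re.sub(r"\D", "", phone)[-10:]


def norm_account(account):
    """Keep digits only so separators and spacing do not hide a match."""
    return re.sub(r"\D", "", account)


def address_incomplete(addr):
    """Assumed rule: a usable address has a street number and at least 3 tokens."""
    tokens = norm_address(addr).split()
    return len(tokens) < 3 or not any(t[0].isdigit() for t in tokens)


CHECKS = {
    "address": ("SHARED_ADDRESS", norm_address),
    "phone": ("SHARED_PHONE", norm_phone),
    "bank_account": ("SHARED_BANK_ACCOUNT", norm_account),
}


def vendor_red_flags(vendors, employees, max_change_orders=5):
    """Return (vendor_id, flag, employee_id or None) for each red flag found."""
    # Index employees by each normalized attribute; blank values are skipped
    # so two missing phone numbers never count as a match.
    index = {field: {} for field in CHECKS}
    for emp in employees:
        for field, (_, norm) in CHECKS.items():
            value = norm(emp.get(field, ""))
            if value:
                index[field].setdefault(value, []).append(emp["id"])

    flags = []
    for v in vendors:
        for field, (flag, norm) in CHECKS.items():
            for emp_id in index[field].get(norm(v.get(field, "")), []):
                flags.append((v["id"], flag, emp_id))
        if address_incomplete(v.get("address", "")):
            flags.append((v["id"], "INCOMPLETE_ADDRESS", None))
        if v.get("change_orders", 0) > max_change_orders:
            flags.append((v["id"], "EXCESSIVE_CHANGE_ORDERS", None))
    return flags


if __name__ == "__main__":
    for flag in vendor_red_flags(VENDORS, EMPLOYEES):
        print(flag)
```

A hit is a lead for a vendor audit rather than proof of collusion, since an employee's relative may legitimately run a supplier from the same address.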
Week 7 – Fraud Prevention, Risk Management, and Fraud Detection
Factors that Influence Fraud Risk
Nature of the business
Operating environment
Effectiveness of internal controls
Ethics and values of the company and the people within it
What is a Fraud Risk Assessment?
A process aimed at proactively identifying and addressing an organization’s
vulnerabilities to internal and external fraud
Objective – to help an organization recognize what makes it most vulnerable to fraud so
that it can take proactive measures to reduce its exposure
Why Should Organizations Conduct Fraud Risk Assessments?
Improve communication about and awareness of fraud
Identify what activities are the most vulnerable to fraud
Know who puts the organization at the greatest risk of fraud
Develop plans to mitigate fraud risk
Develop techniques to determine if fraud has occurred in high-risk areas
What Makes a Good Fraud Risk Assessment?
Collaborative effort of management and auditors
The right sponsor
Independence and objectivity of the people leading and conducting the work
A good working knowledge of the business
Access to people at all levels of the organization
Engendered trust
The ability to think the unthinkable
A plan to keep it alive and relevant
Executing the Fraud Risk Assessment
Identifying potential inherent fraud risks
o Incentives, pressures, and opportunities to commit fraud
Position
Incentives
Performance pressures
Weak internal controls
Highly complex business transactions
Collusion opportunities
o Risk of management’s override of controls
Management knows the controls and standard operating procedures in
place to prevent fraud
Knowledge of controls can be used to conceal fraud
Fraud Prevention and Risk Management Overview
Fraud prevention requires information security and good internal control.
o Information security can’t be obtained simply by studying and applying lists of
security measures
o Rather security must be studied and applied as a management in the context of
enterprise risk management
Information systems security is merely the application of standard internal control
principles to information resources
ISMS and internal controls are part of management’s overall ERM process
o Involves weighing various opportunities against related risks in a way that is
consistent with management’s objectives and risk preferences
Information Security Management System (ISMS)
An organizational internal control process that ensures the following three objectives in
relation to data and information within the organization:
o Confidentiality
o Integrity
o Availability
Objectives:
o Confidentiality – this concept involves ensuring that data and information are
made available only to authorized persons
o Integrity – involves accuracy and completeness
Accuracy – means inputting the correct data into the system and then
processing it as intended, without errors
Completeness – ensures that no unauthorized additions, removals, or
modifications are made to data that has been inputted into the system
o Availability – this concept involves ensuring that data and information are
available when and where they are needed
Key concepts:
o Prevention, detection, and response
Prevention stops security problems before they occur
Some problems cannot be prevented, so they need to be detected and
responded to in an appropriate way
o Risk management, threat, and vulnerability analysis
Threats are systems-related individuals or events that can result in losses
to the organization
Active threats – relate to the intentional acts of individuals (e.g.,
hackers)
Passive threats – relate to random events, accidents, or acts of
nature
Vulnerabilities are weaknesses in the ISMS that result in exposures to
threats
Applied Security Controls
Organization of information security – requires security to be a formal part of the
organization and headed by a Chief Information Security Officer
Human resources security – persons with security responsibilities should be trained in
security. Ensure employee loyalty, competency, and integrity
Physical and environmental security – physical access to all information systems should
be restricted, on a cost-benefit basis using biometric devices, locked doors, badges,
security fences/gates, and so on
Communications and operations management – maintain off-site backups
Access controls – layered approach to data protection that requires an attacker to
penetrate multiple layers of security to obtain access to data.
o Network layer
o Network domain layer
o Application layer
o Database layer
Information systems acquisition, development, and maintenance – control must be
maintained over IT projects at all stages of their development
Information security incident management – operations must be carefully monitored for
security incidents
Business continuity management – formal written disaster management and recovery
plans should be implemented to deal with responses to possible disasters and
substantial business interruptions
Governance, Enterprise Risk Management, and Control Regarding Fraud
ERM requires that considerable emphasis be placed on evaluating and assessing the risk
of fraud adversely affecting the organization’s achievement of strategic goals and
objectives
Management has a responsibility to establish and maintain an effective control system at a
reasonable cost
Risk Treatment Strategies
Governance Regarding Fraud
Strong governance provides the foundation for an effective fraud risk management
program
Board ownership of agendas and info flow
Access to multiple layers of management and effective control of a whistleblower
hotline
A code of conduct for senior management
Strong emphasis on the Board’s own independent effectiveness and process through
board evaluations, active participation in oversight
Effective senior management team, evaluations, performance management,
compensation, etc.
Roles and Responsibilities
Board of directors – help set the tone at the top
Management – also helps set the tone. Also in charge of implementing the overall fraud
risk management program
Employees – day-to-day execution of the fraud risk management program. Specifically,
the controls that are designed to prevent and detect fraud
Internal audit function – contributes to overall governance of the fraud risk
management program; evident from the assurance engagements
Roles and Responsibilities of Board of Directors and Audit Committees
Primary responsibility
o Oversee management
o Direct internal audit
o Direct external audit
Internal controls over financial reporting and the company’s internal control processes
Assure management has adequately assessed the risk of management override or
collusion among top-level managers and executives
“Tone at the top”
Anti-fraud programs
Ethics training
Instituting a zero-tolerance policy toward fraud
Proactively investigate whistleblower tips
Protect whistle-blowers
Components of a Fraud Risk Management Program
No one size fits all approach
Most organizations have written policies and procedures relating to fraud
Typically, successful integrated programs have certain key components
Commitment
Fraud awareness
An affirmation process
Conflict disclosure protocol
Fraud risk assessment
Reporting procedures and whistleblower protection
An investigation process
Disciplinary and/or corrective actions
Process evaluation
Continuous monitoring
Including these components in a fraud risk management program will not eliminate
fraud risk. However, it will provide reasonable assurance incidents are prevented, or
detected and dealt with
Fraud Prevention
Fraud Guide outlines common elements that can play an important role in preventing
fraud:
o Performing background investigations
o Provide anti-fraud training
o Evaluating performance and compensation programs
o Conducting exit interviews
o Authority limits
o Transaction-level procedures
The Fraud Detection Process
Involves identifying indicators of fraud that suggest a need for further investigation
Various means of detecting fraud exist, including tips and hotlines, financial statement
audits, internal audits, and by accident
Hotlines and Fraud Discovery
o Very effective; 35% to 50% of frauds detected
o They must have a disclosure policy
o Confidentiality and anonymity
o They must be supplemented by an ethics code, employee training, proper
monitoring, advertising, and the right tone from top management
Fraud discovered by accident, external auditors, and internal auditors
Fraud Detection and ERM
Within the organization fraud detection is part of the internal control and ERM
processes
Internal controls can be preventative, detective, or corrective
o Preventive – stop fraud before it happens
o Detective – signal the existence of fraud
o Corrective – include investigating and recovering from fraud
Fraud Issues
There is a trade-off between prevention, detection, and correction
Detection produces false positives and false negatives
o False positives – indicate fraud when there is none
o False negatives – indicate no fraud when there is fraud
One goal is to balance the rate of false positives versus the rate of false negatives so
that total fraud costs are minimized
o Total fraud costs = prevention costs + detection costs + correction costs + fraud
losses
Optimizing Fraud Indicators
If preventative controls are assumed, and correction and fraud loss costs are known,
then it is possible to choose fraud indicators that optimize total fraud costs
The fraud indicator should be tweaked to signal more and more frauds, as long as
signaling more and more frauds results in reducing the sum of the detection and
investigation costs
Relative cost of detection versus prevention and correction
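The trade-off described under Fraud Issues and Optimizing Fraud Indicators, worked through as an added example (not part of the original course notes). The scored transactions, the cost figures, and the assumption that a caught fraud incurs no loss are all constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Case:
    score: float    # fraud-indicator score; higher means more suspicious
    is_fraud: bool  # ground truth, known here because the sample is constructed
    loss: int       # loss if the fraud goes undetected (0 for legitimate items)


# Constructed sample: ten scored transactions, four of them fraudulent.
CASES = [
    Case(0.95, True, 40_000), Case(0.90, False, 0), Case(0.80, True, 15_000),
    Case(0.70, False, 0), Case(0.60, False, 0), Case(0.55, True, 2_500),
    Case(0.40, False, 0), Case(0.30, False, 0), Case(0.20, True, 500),
    Case(0.10, False, 0),
]

# Assumed cost parameters (hypothetical figures).
PREVENTION_COST = 5_000     # fixed cost of the preventive controls already in place
INVESTIGATION_COST = 1_000  # detection cost of following up one flagged item
CORRECTION_COST = 2_000     # cost of correcting one confirmed fraud


@dataclass(frozen=True)
class Outcome:
    threshold: float
    flagged: int
    false_positives: int  # flagged, but no fraud
    false_negatives: int  # fraud, but not flagged
    detection_cost: int
    correction_cost: int
    fraud_losses: int

    @property
    def total(self) -> int:
        # Total fraud costs = prevention + detection + correction + fraud losses
        return (PREVENTION_COST + self.detection_cost
                + self.correction_cost + self.fraud_losses)


def evaluate(threshold: float, cases=CASES) -> Outcome:
    """Cost of running the indicator so that it signals at score >= threshold."""
    flagged = [c for c in cases if c.score >= threshold]
    caught = [c for c in flagged if c.is_fraud]
    missed = [c for c in cases if c.score < threshold and c.is_fraud]
    return Outcome(
        threshold=threshold,
        flagged=len(flagged),
        false_positives=len(flagged) - len(caught),
        false_negatives=len(missed),
        detection_cost=len(flagged) * INVESTIGATION_COST,
        correction_cost=len(caught) * CORRECTION_COST,
        fraud_losses=sum(c.loss for c in missed),  # assumption: caught frauds lose nothing
    )


def sweep(cases=CASES) -> list:
    """Evaluate every distinct setting, from 'signal nothing' to 'signal everything'."""
    thresholds = [float("inf")] + sorted({c.score for c in cases}, reverse=True)
    return [evaluate(t, cases) for t in thresholds]


def best_threshold(cases=CASES) -> Outcome:
    """The setting with the lowest total fraud cost."""
    return min(sweep(cases), key=lambda o: o.total)


if __name__ == "__main__":
    for o in sweep():
        print(f"threshold {o.threshold:>4}: FP={o.false_positives} "
              f"FN={o.false_negatives} total={o.total}")
    print("lowest total cost at threshold", best_threshold().threshold)
```

On this sample the cheapest setting still misses the two smallest frauds, because investigating enough items to catch them costs more than they lose.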
Fraud Detection
List of criteria that organizations can use to help them monitor, measure, and evaluate
the effectiveness of their fraud prevention techniques:
o Number of known fraud schemes committed against the organization
o Number and status of fraud allegations received by the organization that
required investigation
o Number of fraud investigations resolved
o Number of employees who have/have not signed the corporate ethics statement
o Number of employees who have/have not completed ethics training sponsored
by the organization
o Number of whistleblower allegations received via the organization’s hotline
o Number of allegations that have been raised by other means
o Number of messages supporting ethical behaviour delivered to employees by
executives
o Number of vendors who have/have not signed the organization’s ethical
behaviour requirements
o Benchmarks with global fraud surveys, including the type of fraud experiences
and average losses
o Number of customers who have signed the organization’s ethical behaviour
requirements
o Number of fraud audits performed by internal auditors
o Results of employee or other stakeholder surveys concerning the integrity or
culture of the organization
o Resources used by the organization
Week 9 – The Fraud Investigation and Engagement Process
Reasons to Investigate
To determine source of losses
To identify the perpetrator
To gather evidence
To recoup losses
To identify control weaknesses
To comply with laws and regulations
Planning the Investigation
Questions that the lead of the investigation needs to answer:
o Who will be involved in the investigation?
o What will be the investigation strategy?
The Investigation Team
Include only those individuals who:
o Can legitimately assist in the investigation
o Have a genuine interest in the outcome of the investigation
Primary goal is to resolve fraud allegations as thoroughly and efficiently as possible
Certified fraud examiners
Legal counsel
Internal auditors
Security personnel
IT and computer forensic experts
Human resources personnel
A management representative
Outside consultants
The Fraud Investigation Process
Involves systematically gathering and reviewing evidence for the purpose of
documenting the presence or absence of fraud
Four steps in total:
1. The Engagement Process
The series of steps that begins with the investigator’s first contact with
the case and concludes with a complete agreement regarding the fraud
services the investigator will provide
2. The Evidence Collection Process
The various steps in which evidence in support of the objectives and
scope of the investigation is collected
Based on the ‘fraud theory approach to fraud investigation’ and follows 4
distinct steps:
i. Analyze data
ii. Create hypotheses regarding a possible fraud
iii. Test the hypotheses
iv. Refine and amend the hypotheses (if tests do not support them)
Investigator needs to discuss with management the objectives and scope
to prevent disagreement between management and investigator
3. The Reporting Process
4. The Loss Recovery Process
Types of Evidence
Physical evidence – refers to a relatively broad category of evidence that includes items
such as fingerprints and trace evidence
Document evidence – includes not only documents collected as part of the investigation
process but also documents created in the form of charts, graphs, or other exhibits
admitted into evidence as part of expert testimony
Observation evidence – obtained by monitoring suspects. May take the form of
eyewitness testimony of various types of electronic or other recordings
Interview evidence – interviews of individuals providing effective witness testimony with
personal knowledge relevant to the alleged fraud can provide one of the most powerful
types of evidence
Steps in the Evidence Collection Process
1. Collect physical and documentary evidence (examining)
2. Collect observational evidence
3. Collect interview evidence
The interview process involves specific types
The initial interviews are conducted with the most remote suspects
The investigator then conducts additional interviews that are successively closer to
the suspects, with the prime suspects being the last person interviewed
Steps in the Engagement Process
1. Create an incident report
Includes the initial information used to justify the investigation
o The initial information should be included in a unified case file
Should document all activities related to the investigation
Purposes:
Provide organization
Document investigation
To be a case information repository
o The incident report can serve as probable cause for law enforcement
o The incident report can provide proof that the suspect is not being singled
out because of illegal discrimination or in violation of collective bargaining
rights
o Access should be granted on a need-to-know basis
2. Conduct the initial notifications and evaluation
Determine who needs to be notified and whether the incident report justifies an
investigation
Routine incident reports may be routed to a predetermined department
Non-routine reports may be routed to the legal department or outside counsel
The initial notification and incident evaluation must be kept as secret as possible, to
avoid compromising a possible investigation
Temptation must be resisted to confront suspects at this point
3. Consider legal issues
Consider rights of workers or other suspects
Evaluate the evidence and consider whether there is sufficient legal justification to
fire a worker or place a worker on administrative leave
Consider the rights of investigating employers
Consider reporting obligations
4. Evaluate loss mitigation and recovery considerations
Immediate loss mitigation options
i. Immediately fire the employee
ii. Change the employee’s job responsibilities
iii. Place the employee on administrative leave (with or without pay)
iv. Permit the employee to continue in her current position, possibly continuing
the fraud, thus giving the investigator the possibility of catching her in the
act
Insurance recovery – collecting insurance to recover losses
Recovery through litigation – through criminal or civil litigation
Determine the Objectives, Scope, and Costs of the Investigation
The objectives, scope, and costs of the investigation
Possible objectives for an investigation
o Stop the fraud from continuing
o Identify the loss for insurance purposes
o Identify the loss for tax purposes
o Make an example of a fraudster
o Minimize any embarrassing disclosures in the press
o Discover weaknesses in the internal control system
Elements of an Engagement Letter
Services to be provided
Objectives and scope of the investigation
Methods to be used
Resources required
Responsibilities of the respective parties
The basis and methods used for charging professional fees
The means for resolving disputes
Screening Engagements
Screening is a vetting process to avoid undesirable clients and cases
Accepting an engagement requires careful evaluation of the proposed risks and rewards
Economic assessment can be stated in terms of its risk-reward ratio
Pre-Engagement Considerations
Conflicts of interest
o Real or perceived incompatibility between:
Interests of two clients
Interests of the client and the forensic accountant
o Key considerations:
Objectivity
Independence
Competence and due care
Nature and scope of the assignment
Compensation
Week 10 – The Evidence Collection Process of Fraud Examination: Physical, Documentary, and
Observational Evidence
Introduction to Evidence
Once a fraud investigation is launched, the evidence collection process begins
Generally speaking, evidence is anything (tangible objects, documents, and testimony)
that relates to the truth or falsity of an assertion made in an investigation or legal
proceeding
The goal of the fraud investigator is to collect evidence relevant to the fraud under
investigation
Evidence, when well organized, provides answers to the classic sleuth’s questions
regarding the possible fraud: who, what, when, where, how, and why
A fraud theory provides answers to the sleuth’s questions
A Fraud Theory
A fraud theory paints a picture of a fraud
An organized set of suppositions related to the classic questions of who, what, when,
where, why, and how
The Investigator’s Role in Collecting Evidence
In virtually all cases, the fraud investigator has the primary responsibility for collecting
the basic evidence needed to build a possible case
The fraud investigator may provide expert opinion. The extent to which a fraud
investigator renders an expert opinion in her investigation report depends on the
objectives, scope, and type of case, the facts of the case, and on the type of investigator
The investigator should never provide an opinion of guilt or innocence of any person or
party
The Evidence Gathering Process
1. Review physical and document evidence – become familiar with business processes,
persons, and gather information about the possible fraud
2. Observe – observe suspects in action
3. Conduct interviews – interview suspect with as much evidence as possible already in hand
The Fraud Theory Approach to Fraud Investigation
The fraud theory approach to fraud investigations is a process that posits a hypothesis
regarding a fraud scheme, tests the hypothesis with evidence, and then accepts,
modifies, or discards the hypothesis as the evidence warrants
A fraud scheme is a predefined set of answers to the questions “who, what, how, when,
and where”
o The question “what” must be asked first – what fraud has occurred?
The Prediction Principle
Prediction suggests discontinuing the investigation if no reasonable basis exists to
continue to collect evidence. On the other hand, the investigator should follow the
evidence if the evidence justifies continuing the investigation
Dictates that there must be a reasonable justification for each step in the evidence
collection process
Also dictates that evidence must be collected until no reasonable basis remains to
continue collecting it
Hypothesis Testing for a Fraud Theory
A hypothesis test is an examination of a piece of evidence to decide whether it is
consistent with a given fraud theory under consideration
Protocols for Investigating Fraud Schemes
No generally accepted, published professional protocols exist for conducting
investigations for each type of fraud scheme
In the absence of any pre-established protocols, the fraud investigator must establish
protocols for each new investigation
o The general rule in establishing such protocols is that each fraud scheme has its
own “smoking gun” that represents not only evidence but also a weak point in a
fraud scheme
The fraud investigator should posit a fraud scheme and then focus on gathering
evidence related to the weak points associated with the scheme under investigation
Advanced Evidence Concepts
As previously discussed, evidence from the POV of an investigator is anything that
relates to the truth or falsity of an assertion made in an investigation or legal proceeding
o It includes physical objects, documents, observations, and interviews
In an investigation, “evidence” has absolutely no meaning at all unless it relates to
some fraud theory
In a court room setting, evidence is defined in terms of the courts’ rules of evidence,
what is admissible in court, trial strategy, and how it is viewed by judges, juries, and
attorneys
Physical Evidence
Tangible
Refers to a relatively broad category of evidence that includes fingerprints and trace
evidence
o For example, physical evidence can include forged signatures on documents
Physical evidence must not be contaminated
o Importance of not disturbing it so that it is preserved as evidence for court
Documents and Records
Documents are the most often used type of evidence in fraud investigations
Basic rules:
1. Obtain original documents if possible (the credibility of a case is enhanced by
having original documents)
2. Keep them in a secure location so that access is restricted
3. Make copies of the original documents; use copies in the investigation and
originals in court
4. Handle originals as few times as possible; they might be used later for fingerprint
analysis
5. Maintain appropriate chain of custody records
Use of documents in court
o Generally speaking, only original documents can be used as evidence in court
o Exceptions exist in certain cases
Copies may sometimes be used when originals are not available
o Chain of custody must be maintained for documents to be used in court
o Documents should be organized
One way to organize documents is to assign them Bates numbers
Sources of documentary evidence
o Personnel files
o Current co-workers
o Friends and acquaintances
o Post-employment background checks
o Social networking sites
o Records available to the public (real estate, court, assumed name indexes)
o Restricted records (motor vehicles, dealership, financial crime enforcement
network, tax returns)
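One way to keep the chain of custody records and Bates numbers described above for scanned or electronic copies, as an added example (not part of the original course notes). The SHA-256 fingerprint, the hash-linked log, the CustodyLog class, the "CASE" prefix and the custodian names are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder "previous hash" for the first log entry


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _entry_hash(entry: dict) -> str:
    # Hash every field except the stored hash itself, in a stable key order.
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode("utf-8"))


class CustodyLog:
    """Append-only custody record; each entry commits to the one before it."""

    def __init__(self, prefix: str, width: int = 6):
        self.prefix = prefix
        self.width = width
        self.entries = []
        self.holder = {}  # Bates number -> current custodian
        self.digest = {}  # Bates number -> SHA-256 of the copy taken at intake

    def _append(self, bates, action, custodian, when, note):
        entry = {
            "seq": len(self.entries) + 1,
            "bates": bates,
            "action": action,
            "custodian": custodian,
            "when": when,
            "note": note,
            "sha256": self.digest[bates],
            "prev_hash": self.entries[-1]["entry_hash"] if self.entries else GENESIS,
        }
        entry["entry_hash"] = _entry_hash(entry)
        self.entries.append(entry)

    def intake(self, content: bytes, custodian: str, when: str, note: str = "") -> str:
        """Assign the next Bates number and fingerprint the copy."""
        bates = f"{self.prefix}{len(self.digest) + 1:0{self.width}d}"
        self.digest[bates] = sha256_hex(content)
        self.holder[bates] = custodian
        self._append(bates, "intake", custodian, when, note)
        return bates

    def transfer(self, bates, released_by, received_by, when, note=""):
        """Record a hand-over; only the current holder can release a document."""
        if self.holder.get(bates) != released_by:
            raise ValueError(f"{released_by} does not hold {bates}")
        self.holder[bates] = received_by
        self._append(bates, "transfer", received_by, when,
                     f"released by {released_by}. {note}".strip())

    def matches_original(self, bates: str, content: bytes) -> bool:
        """True if a working copy is byte-identical to what was taken in."""
        return self.digest.get(bates) == sha256_hex(content)

    def verify(self) -> list:
        """Return a list of problems; an empty list means the log is intact."""
        problems, prev = [], GENESIS
        for i, e in enumerate(self.entries, start=1):
            if e["seq"] != i:
                problems.append(f"entry {i}: out of sequence")
            if e["prev_hash"] != prev:
                problems.append(f"entry {i}: link to previous entry broken")
            if _entry_hash(e) != e["entry_hash"]:
                problems.append(f"entry {i}: contents altered")
            prev = e["entry_hash"]
        return problems


if __name__ == "__main__":
    log = CustodyLog("CASE")
    scan = b"constructed invoice scan"  # constructed sample document
    number = log.intake(scan, "Investigator A", "2024-03-01T09:00", "invoice")
    log.transfer(number, "Investigator A", "Evidence Custodian", "2024-03-02T14:00")
    print(number, log.holder[number], log.verify())
```

The linked hashes only show that the log is unedited if the latest entry hash is also recorded somewhere the log's keeper cannot change.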
Analytical Procedures
When a suspected fraud is either, for example, an embezzlement or a misstatement of
financial statements, the forensic accountant can use analytical procedures to gather
evidence that can lead to the determination of who, what, when, and why regarding the
fraud
Analytical procedures provide evidence of areas that are likely to contain fraud. They do
not prove fraud
Analytical procedures can be used for both detection and investigation
Common types
o Comparison of financial data with prior period financial data
o Ratio analysis and historical financial data
o Comparison of financial data with industry data
o Comparison of expected financial results with nonfinancial data
o Comparison of financial data with results expected by the entity itself
o Comparison of data with results expected by the forensic accountant
Additional procedures
o Tracing – begin with source documents and follow them through the ledger to
financial statements
Associated with understatements
o Vouching – begin with financial statement and follow info through ledger to
source documents
Associated with overstatements
o Surprise counts – unexpected counts of inventory or other assets
Can provide evidence on unexplained differences
o Reconciliation – performed to explain differences in two or more accounts,
items, or counts of assets
o Confirmations – used when third parties know some aspect of a financial or non-
financial matter and can be asked to provide this information
o Indirect methods – useful when perpetrator is believed to have substantial
amounts of unexplained income
The net worth method: process that compares the current net worth of
the suspect to their net worth at the end of the prior year to arrive at a
change in net worth for the year
Invigilation
Technique that considers periods before, during, and after a suspected fraud has
occurred
Look for changes in patterns of performance around the time of suspicious activity
Provides evidence of the act
Helps calculate how much money may be missing
Indirect Methods of Income Reconstruction
“Financial profiling”
Used for developing indicators of concealed income and hidden assets
Large amount of legwork required in developing sources of information
Methods:
o Net worth method
Assets = liabilities + owner’s equity
Amount paid for assets – obligations = owner’s portion of net worth
Examine change in net worth from year to year
Provides evidence that amounts paid for assets and expenditures exceed
known income
o The lifestyle probe
o Bank records method
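The net worth method carried through three years, as an added example (not part of the original course notes). All figures are constructed, and the names YearEnd and net_worth_analysis are hypothetical; unexplained funds are taken as change in net worth plus expenditures minus known income.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class YearEnd:
    year: int
    assets_at_cost: dict   # asset -> amount paid for it (cost, not market value)
    liabilities: dict      # obligation -> balance owed at year end
    known_income: int = 0  # income from identified sources during the year
    expenditures: int = 0  # living and other expenditures during the year

    @property
    def net_worth(self) -> int:
        # Amount paid for assets - obligations = owner's portion (net worth)
        return sum(self.assets_at_cost.values()) - sum(self.liabilities.values())


# Constructed year-end positions for one suspect; 2021 is the baseline year.
YEAR_ENDS = [
    YearEnd(2021,
            {"cash": 10_000, "house": 300_000, "car": 20_000},
            {"mortgage": 250_000, "car loan": 15_000}),
    YearEnd(2022,
            {"cash": 15_000, "house": 300_000, "car": 20_000, "boat": 45_000},
            {"mortgage": 240_000, "car loan": 10_000},
            known_income=85_000, expenditures=60_000),
    YearEnd(2023,
            {"cash": 12_000, "house": 300_000, "car": 20_000, "boat": 45_000,
             "cottage": 180_000},
            {"mortgage": 230_000, "car loan": 5_000, "cottage mortgage": 100_000},
            known_income=90_000, expenditures=70_000),
    # 2024: the boat is sold at cost and the car loan is paid off.
    YearEnd(2024,
            {"cash": 57_000, "house": 300_000, "car": 20_000, "cottage": 180_000},
            {"mortgage": 220_000, "cottage mortgage": 95_000},
            known_income=95_000, expenditures=75_000),
]


def net_worth_analysis(year_ends, tolerance: int = 0) -> list:
    """Compare each year end with the prior one and report unexplained funds."""
    ordered = sorted(year_ends, key=lambda y: y.year)
    rows = []
    for prev, cur in zip(ordered, ordered[1:]):
        change = cur.net_worth - prev.net_worth
        # Funds applied: what went into net worth plus what was spent.
        funds_applied = change + cur.expenditures
        unexplained = funds_applied - cur.known_income
        rows.append({
            "year": cur.year,
            "net_worth": cur.net_worth,
            "change": change,
            "funds_applied": funds_applied,
            "known_income": cur.known_income,
            "unexplained": unexplained,
            # An indicator for follow-up, not proof of concealed income.
            "flag": unexplained > tolerance,
        })
    return rows


if __name__ == "__main__":
    for row in net_worth_analysis(YEAR_ENDS):
        print(row)
```

In the constructed 2024 year, selling an asset at cost and paying down debt leave nothing unexplained, which is why assets are carried at the amount paid rather than at market value.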
Questioned Documents
Documents that generate suspicions are called questioned documents
o Documents are questioned because their authorship or authenticity, or both, is
in doubt
Document examiners specialize in analyzing questioned documents. They may consider
things such as handwriting, printer output, and ink and paper used in documents
Altered documents may have either deletions or insertions, or both
Examples of suspicious document symptoms:
o Signature appears to be contrived
o Date on document is not consistent with other evidence
o Paper does not seem to be the type usually used for the purpose
o Document is a copy when original was expected
o Erasures or a covering agent, such as a fluid correction cover-up, is present
o If document is in electronic form, different styles or sizes of fonts were used
o Document numbers appear to be out of sequence
o Checks have second endorsements
Observation
Observation involves the use of the senses to assess the propriety of the behaviour of
persons and other activities such as business processes that have a tangible component
Three types of observational evidence
o Surveillance
o Invigilation
o Co-worker testimony
Evidence provided through observation is often the most convincing and the easiest
evidence for juries to understand
Week 11 – Interview and Interrogation Methods (Fraud Examination Part 2)
Interviews
A conversation in which persons are questioned and their responses are noted
o More casual form of asking questions and does not require Miranda rights to the
person being interviewed (interrogation)
Conducting effective interviews and interrogations can be one of the most important
evidence-gathering techniques in forensic accounting
Interviews can and do produce confessions
o Even in the absence of a confession, credible information obtained from
interviews coupled with documentary evidence can cause a judge or jury to
convict a suspect based on circumstantial evidence alone
Purpose is to gather primary information
Favored tool of forensic accountants because:
o Direct means of obtaining information
o Provides immediate results
Systematic process that requires:
o Planning
o Staging
o Execution
o Active listening
Involves an individual's undivided attention, with both eyes and ears
Facilitates accurate collection of information
Demonstrates interest in what interviewee is saying
Interest demonstrated by
Letting the speaker finish his or her response without interruption
Accepting the response without judgement
Body Language
Involves communicating with the movement or position of the human body, both
consciously and unconsciously
Cautions:
o Varies among cultures
o Requires some baseline for comparison
o Two-way form of communication
Effects of Stress on the Communication Process
Emotional and/or physical strain suffered by a person in response to pressure from
outside world
Inhibits effective communication – creates internal noise that negatively impacts ability
to listen and think clearly
Reactions or adaptations to stress
o Physical and emotional symptoms
Adapt questioning process to defuse tension at specific points in the interview
Value of Rapport
Connection between interviewer and interviewee that serves as a foundation for
building trust and confidence
Increases quality of witness remembrance
Understanding Personal Space
Rapport building requires an understanding of, and respect for, the interviewee’s
personal space
Violation can quickly destroy rapport and create stress
An interviewer should be positioned two feet from interviewee
Preparing for an Interview
Become familiar with the physical, document, and observation evidence already
collected
Know as much as you can about witness, crime, victim, and possible perpetrators
Profile the suspect-interviewee in light of the fraud triangle:
o Position in the firm, job functions, length of time with the firm
o Any promotions that may have been expected but not received
o Work-related interaction with co-workers
o Assets, outstanding bills, including recent large purchases
Formulate an interview plan, maintain professional skepticism, and avoid tunnel vision
Conducting Multiple Interviews
The interviews begin with individuals who are not suspects and then proceed to those
who are least culpable, and finally end with the most culpable (i.e., suspects)
When collusion has occurred, the suspects should be interviewed in the order of their
responsibility
o The suspect believed to be most responsible is to be interviewed last
The interviewer usually requests that each person being interviewed not discuss the
matter with anyone
Conducting the Individual Interview
Five kinds of questions are asked: introductory, informational, assessment, admission
seeking, and concluding
o Assessment and admission-seeking questions are used for suspects only
Introductory
o Asked to solicit the interviewee's cooperation
o Serve four primary purposes
Provide an introduction
Establish rapport – shaking hands, mirroring
Establish the theme of the interview – state purpose in general terms
Observe the person's reactions and demeanor
Compare behaviour when being asked non-confrontational
questions versus more sensitive questions
o For both suspects and non-suspects
o Should avoid using sensitive terms like ‘audit’ or ‘investigation’
o Should be accompanied by close observation of the subject’s demeanor and
behaviour, and should include only non-incriminating questions
The close observation is called calibration. The suspect's behaviour with
non-confrontational questions can later be compared to their behaviour
with confrontational questions
Informational
o For both suspects and non-suspects
o Designed to collect information that is relevant to the investigation
o Represent the most important and most frequently used type of questions an
interviewer can ask
o Should include questions directed to the interviewee regarding whom they
believe committed the fraud and why, assuming she knows the purpose of the
investigation
E.g., “who does the bank rec around here?”, “have you noticed any
changes in your coworkers’ behaviours?”
Concluding
o For non-suspects who don’t show deceptions
o Are used to
Confirm information received by the interviewer during the interview
Obtain information that has not yet been gathered
Seek the subject’s agreement that he will continue to cooperate
o Should confirm the interviewer’s understanding of the important facts collected
during the interview
o Should ask the subject if they have anything else helpful to add
o Should end on a positive note
o Can ask the subject to keep the session quiet so that no one is hurt by what was
discussed
Assessment
o Given only to suspects
o Must be accompanied by monitoring of verbal and non-verbal cues
o Can provide indications of guilt, not necessarily guilt
Evasive answers, qualifiers, attacking the interviewer, eye movements,
body language signals may signal deception or guilt
Eye movement in response to questions varies according to the type of
memory a subject favors (touch-feeling, visual, auditory)
Sitting position, reaching, scratching, shifting position, shifts in posture or
behaviour can indicate deception or guilt
Admission-seeking questions
o Are only given to suspects who show signs of deception
o When seeking a confession, and with sufficient evidence in hand, the
investigator may directly accuse the subject
When making the accusation, the interviewer should avoid the use of
emotionally charged words such as fraud or theft
o The investigator should not ask the subject whether she acted wrongly but tell
them that the investigator is aware of the fraud and knows that they committed it
E.g., “We are aware that you have been taking money from the
company”
o Consider asking a leading question so that any answer to the question is an
admission of guilt
o If the evidence is strong and the suspect doesn’t admit guilt, then indicate you
have strong evidence and are going to terminate the interview and report that
the suspect won’t cooperate
o The investigator should not disclose all her evidence without a confession
o Make confessing easier by giving the suspect a morally acceptable reason for
committing the fraud
E.g., “Did you take the money to help your family?”
o After a confession, then ask in a considerate manner for the details of the fraud
o Motive should also be established
Using Interview Techniques
Recording the interview
o Not generally recommended
o Only record if info is expected to be very detailed and is not easily susceptible to
note taking or later recall
Taking notes
o Brief and can later go back to add more detail
Written questions
o Generally, not recommended
o Encourages tunnel vision
o Subject can see/read questions and then be in a better position to respond
The interview setting:
o Interview suspects in a neutral location
o The subject should not be seated behind a desk or table
The number of interviewers
o Two should be present for admission-seeking questions, otherwise one is okay
Mirroring can help establish rapport
o Mimicking the subject's body language
Maintain professional demeanor; don’t get angry
Apply structure to questions
Types of Question Structures
Close ended – response is either ‘yes’ or ‘no’
Forced-choice – gives limited choice in response
o “When you took the money, was it because X or Y?”
Open-ended
o “What do you know about the situation?”
Clarifying questions
Confrontational – statements to highlight contradictory evidence (contradiction usually
between suspect’s answer and other evidence)
Approaches to Persuasion
Interview subjects are more likely to respond when shown kindness and sympathy
The interviewer can use several approaches to persuade the subject to provide
evidence:
o Main approaches – the direct and indirect approach
The interviewer must know how to overcome subjects’ not wanting to answer questions
o Non-suspects may fear that others may retaliate
o Suspects can try to delay or get angry
Verbal Cues to Deception
Changes in speech patterns
Repetition of the question
Comments regarding interview
Selective memory
Making excuses
Oaths
Character testimony
Answering with a question
Overuse of respect
Increasingly weaker denials
Failure to deny
Avoidance of emotive words
Refusal to implicate other suspects
Tolerant attitudes
Reluctance to terminate interview
Feigned unconcern
Joe Wells’ Ten Commandments for Effective Interviews
1. Preparation is key to success
2. Think as you go
3. Watch nonverbal behavior
4. Set the tone for the interview
5. Set the pace for the interview
6. Keep quiet
7. Be straightforward
8. Patience
9. Circle back
10. Get it in writing
Tips for Conducting Effective Interviews
Choose the right setting
Review facts before interview
Avoid interviewing multiple people together
Do not allow interviewee to direct line of questioning
Select best combination of strategies and mix of questions
Save sensitive or difficult questions for later
Be an active listener
Memorialize the interview
Objective is to gather information
The Signed Statement
Obtain written confession if possible
Written statement has greater credibility than oral confession
Discourages culpable person from later attempting to recant
Inclusion of written confession
o Voluntary confessions
o Intent
o Approximate dates of offense
o Approximate amounts of losses
o Approximate number of instances
o Willingness to cooperate
o Excuse clause
o Have the confessor read the statement
o Truthfulness of statement
o Preparing a signed statement
Week 12 – Fraud Report, Litigation, and Internal Audit
Report Writing
Fraud examinations conclude with a report of the investigation results
Usually, a formal written report
Normally used for internal purposes, but may be sent to police or insurance companies
Other than technical matter, no opinions of any kind should be included
o Particularly those regarding guilt or innocence
Investigation Report
Report must be accurate and understandable, and must “speak for itself”
A good report:
o Conveys evidence
o Adds credibility
o Accomplishes objectives of the case
o Is written with the expected reader(s) in mind
Report should be written as though it will be used in civil or criminal trial
State only the facts
Do not make errors
Include a follow-up section
Fraud Investigation Reports
The fraud report plus expert opinions and testimony are then used as needed to support
the resolution of any issues that may relate to taxes, employment, regulatory reporting,
litigation (civil and criminal), and insurance claims
Because the report is used for such important purposes, it must be constructed under
the assumption that it will be challenged in court
Uses of Fraud Report
Taxes – a fraud report may help estimate losses for tax deductibility
Employment – incomplete investigations may face unemployment compensation issues
Litigation – may be helpful in litigation, but police might not investigate
Insurance claims – a business could run out of funds during the investigation
Elements of a Fraud Report
Address section – whom the report is addressed to and who it’s from
Background information – what triggered the investigation
Executive summary – briefly summarizes the investigation, method/tests used,
standards followed, and results
Scope and objectives – what the investigation sought to accomplish
Approach – the fraud investigation team, the procedures and methods used, the tests
performed, and the evidence collected
Findings – details regarding the methods used, tests performed, and the evidence
collected, and a one-or-two sentence summary of the findings of the investigation
Recommendations – e.g., suggestions to improve controls
Exhibits – copies of documents, interview transcripts, a brief resume of the fraud
investigator, and so on
The Investigator’s Liability in Writing a Fraud Report
There is some risk that a suspect may sue the investigator
Avoid any inferences and opinions relating to a suspect’s guilt
State facts, and opinions on things other than guilt
Use the word “consistent” but very carefully
Ask your professional liability insurer to check the wording in your report
Fraud Loss Recovery
Includes the actions taken to make the victim whole again to the extent possible
Options include the following:
o Accept the loss
Sometimes this is the best business decision
o Collect insurance
Business policies can include coverage for proof of loss, embezzlement
losses, loss of income due to embezzlement, and loss of valuable papers
and records
Proof of loss and cooperation are required. Payment can come too late
o Litigate
Fraudsters can be judgement proof, and the policy may not help
i.e., without assets
Trial Tactics and Principles Concerning Experts
The most important considerations at trial for experts are credibility, demeanor,
understandability, and accuracy
Experts should follow these guidelines:
o Answer questions in plain language
o Answer only what is asked
Not volunteer more than what is asked
o Maintain a steady demeanor
o Be friendly and smile at appropriate times
o Remain silent when there is an objection by one of the attorneys
o Tell the truth
o Control the pace
Avoid firing back answers at a rapid pace. This avoids giving the
appearance that the witness is arguing with the attorney. It also prevents
the witness from rushing and being overwhelmed to the point of making
mistakes