business ethics, fraud and fraud detection

Upload: ahmad-badrus-salam

Post on 27-Feb-2018

244 views

Category:

Documents


1 download

TRANSCRIPT

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    1/44

    BUSINESS ETHICS,FRAUD AND FRAUD

    DETECTIONCHAPTER 12

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    2/44

    ETHICAL ISSUES INBUSINESS

    Ethical standards are derived fromsocietal mores and deep-rootedpersonal beliefs about issues of rightand wrong that are not universallyagreed upon

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    3/44

    Ethics pertains to the principles of conductthat individuals use in maing choices andguiding their behavior in situations that

    involve the concepts of right and wrong! business ethics involves "nding the

    answers to two #uestions$ %1& How domanagers decide what is right in

    conducting their business' and %2& (ncemanagers have recogni)ed what is right*how do the+ achieve it'

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    4/44

    Ethical issues in business can bedivided into four areas$ %table 12!1& e#uit+*

    rights*

    Honest+*

    the e,ercise of corporate power

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    5/44

    Ethical guidance

    Proportionality. The beneft rom a decision mustoutweigh the risks. Furthermore, there must be noalternative decision that provides the same orgreater bene"t with less ris!

    Justice. The benefts o the decision should bedistributed airly to those who share the riss!

    Those who do not bene"t should not carr+ theburden of ris!

    Minimize risk. Even i judged acceptable by theprinciples, the decision should be implemented soas to minimi)e all of the riss and avoid an+unnecessar+ riss

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    6/44

    Computer ethics is the anal+sis ofthe nature and social impact ofcomputer technolog+ and the

    corresponding formulation and.usti"cation of policies for the ethicaluse of such technolog+/! 0This

    includes concerns about software aswell as hardware and concerns aboutnetwors connecting computers as

    well as computers themselves

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    7/44

    three levels of computer ethics$ pop* para* andtheoretical! Pop computer ethics is simpl+ the e,posure to stories

    and reports found in the popular media regarding the

    good or bad rami"cations of computer technolog+ Para computer ethics involves taing a real interest in

    computer ethics cases and ac#uiring some level of silland nowledge in the "eld

    theoretical computer ethics* is of interest tomultidisciplinar+ researchers who appl+ the theories ofphilosoph+* sociolog+* and ps+cholog+ to computerscience with the goal of bringing some newunderstanding to the "eld

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    8/44

    A ew Problem or 3ust a ew Twiston an (ld Problem'

    Privac+

    4ecurit+ %Accurac+ and Con"dentialit+&

    (wnership of Propert+

    E#uit+ in Access

    Environmental 5ssues

    Arti"cial 5ntelligence 6nemplo+ment and 7isplacement

    8isuse of Computers

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    9/44

    4ection 9:;cers

    4ection 9:; of 4(? re#uires publiccompanies to disclose to the 4ECwhether the+ have adopted a code of

    ethics that applies to theorgani)ation@s CE(* C=(* controller*or persons performing similar

    functions

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    10/44

    Conficts o Interest. The companys code oethics should outline procedures or dealingwith actual or apparent conicts of interestbetween personal and professionalrelationships

    Full and Fair Disclosures. This provisionstates that the organiation should provide full*

    fair* accurate* timel+* and understandabledisclosures in the documents* reports* and"nancial statements that it submits to the 4ECand to the public

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    11/44

    Legal Compliance. !odes o ethicsshould re"uire employees to ollowapplicable governmental laws* rules*

    and regulations

    Internal Reporting o Codeiolations. The code o ethics must

    provide a mechanism to permitprompt internal reporting of ethicsviolations to encourage and

    protect whistleblowers

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    12/44

    !ccounta"ility.#n e$ective ethicsprogram must take appropriateaction when code violations occur

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    13/44

    FRAUD ANDACCOUNTANTS

    The passage of 4(? has had atremendous impact on the e,ternalauditor@s responsibilities for fraud

    detection during a "nancial audit! 5tre#uires the auditor to test controlsspeci"call+ intended to prevent or

    detect fraud liel+ to result in amaterial misstatement of the"nancial statements

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    14/44

    Frau denotes a false representationof a material fact made b+ one part+to another part+ with the intent to

    deceive and induce the other part+to .usti"abl+ rel+ on the fact to his orher detriment

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    15/44

    !" Fa#se representation"There must be a falsestatement or a nondisclosure!

    $" %ateria# &act"A fact must be a substantialfactor in inducing someone to act!

    '" Intent"There must be the intent to deceive orthe nowledge that one@s statement isfalse!

    (" )usti*ab#e re#iance"The misrepresentationmust have been a substantial factor on which thein.ured part+ relied!

    +" Inur- or #oss"The deception must havecaused in.ur+ or loss to the victim of the fraud

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    16/44

    Emp#o-ee &rau, or &rau b- nonmana.ement emp#o-ees, is generall+designed to directl+ convert cash or other

    assets to the emplo+ee@s personal bene"t Emplo+ee fraud usuall+ involves three

    steps$ %1& stealing something of value %anasset&*

    %2& converting the asset to a usable form%cash&* and

    %B& concealing the crime to avoid detection

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    17/44

    %ana.ement &rau is more insidious than emplo+eefraud because it often escapes detection until theorgani)ation has suered irreparable damage or loss

    The fraud is perpetrated at levels of management

    above the one to which internal control structuresgenerall+ relate!

    The fraud fre#uentl+ involves using the "nancialstatements to create an illusion that an entit+ ishealthier and more prosperous than* in fact* it is!

    5f the fraud involves misappropriation of assets* itfre#uentl+ is shrouded in a ma)e of comple, businesstransactions* often involving related third parties

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    18/44

    The Frau Trian.#e

    %&' situational pressure, which includespersonal or job(related stresses that couldcoerce an individual to act dishonestl+D

    %2& opportunity, which involves directaccess to assets and)or access toinormation that controls assets* andD

    %B& ethics, which pertains to onescharacter and degree o moral oppositionto acts o dishonest+

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    19/44

    Financia# Losses &romFrau

    Association o& Certi*e Frau E/aminers 0ACFE1 in2:: estimates losses from fraud and abuse to be Fpercent of annual revenues

    The actual cost of fraud is* however* di>cult to #uantif+ for

    a number of reasons$ %1& not all fraud is detectedD

    %2& of that detected* not all is reportedD

    %B& in man+ fraud cases* incomplete information isgatheredD

    %9& information is not properl+ distributed to managementor law enforcement authoritiesD and

    %G& too often* business organi)ations decide to tae no civilor criminal action against the perpetrator%s& of fraud!

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    20/44

    The 2erpetrators o&Fraus

    =raud osses b+ Position within the(rgani)ation

    =raud osses and the Collusion Eect

    =raud osses b+ Iender

    =raud osses b+ Age

    =raud osses b+ Education

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    21/44

    Frau Schemes

    =raudulent 4tatements

    Corruption

    Asset misappropriation

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    22/44

    #$e %nderlying Pro"lems oFraudulent &tatement' *ack o auditor independence

    *ack o director independence

    +uestionable eecutive compensationschemes

    -nappropriate accounting practices

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    23/44

    &ar"anes()*ley !ct andFraud

    %1& the creation of an accountingoversight board*

    %2& auditor independence*

    %B& corporate governance andresponsibilit+*

    %9& disclosure re#uirements* and

    %G& penalties for fraud and otherviolations

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    24/44

    Corruption

    Briber- in3o#3es giving* oering*soliciting* or receiving things of valueto inuence an o>cial in the

    performance of his or her lawfulduties

    i##e.a# .ratuit- involves giving*

    receiving* oering* or solicitingsomething of value because of ano>cial act that has been taen

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    25/44

    con4ict o& interest occurs when anemplo+ee acts on behalf of a thirdpart+ during the discharge of his or

    her duties or has self-interest in theactivit+ being performed

    Economic e/tortion is the use %or

    threat& of force %including economicsanctions& b+ an individual ororgani)ation to obtain something of

    value!

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    26/44

    Asset 8isappropriation

    S5immin. involves stealing cash from anorgani)ation before it is recorded on theorgani)ation@s boos and records

    mai#room &rau,where an emplo+ee openingthe mail steals a customer@s chec anddestro+s the associated remittance advice

    Cash #arcen- involves schemes where

    cash receipts are stolen from anorgani)ation after the+ have been recordedin the organi)ation@s boos and records

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    27/44

    Bi##in. schemes, a#so 5no6n as3enor &rau, are perpetrated b+emplo+ees who cause their emplo+er

    to issue a pa+ment to a false supplieror vendor b+ submitting invoices for"ctitious goods or services* inated

    invoices* or invoices for personalpurchases

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    28/44

    Chec5 tamperin. involves forging orchanging in some material wa+ a chec thatthe organi)ation has written to a legitimatepa+ee

    2a-ro## &rau is the distribution of fraudulentpa+checs to e,istent andJor none,istentemplo+ees

    E/pense reimbursement &raus areschemes in which an emplo+ee maes a claimfor reimbursement of "ctitious or inatedbusiness e,penses

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    29/44

    The&ts o& cash are schemes thatinvolve the direct theft of cash onhand in the organi)ation

    Non cash &rau schemesinvolvethe theft or misuse of the victimorgani)ation@s non cash assets

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    30/44

    Computer =raud

    The theft* misuse* or misappropriation of assetsb+ altering computer-readable records and "les!

    The theft* misuse* or misappropriation of assetsb+ altering the logic of computer software!

    The theft or illegal use of computer-readableinformation!

    The theft* corruption* illegal cop+ing* or

    intentional destruction of computer software! The theft* misuse* or misappropriation of

    computer hardware!

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    31/44

    =raud techni#ues

    %as7uerain. involves a perpetrator gaining access tothe s+stem from a remote site b+ pretending to be an

    authori)ed user! This usuall+ re#uires "rst gainingauthori)ed access to a password!

    2i..-bac5in. is a techni#ue in which the perpetrator ata remote site tapsinto the telecommunications lines andlatches onto an authori)ed user who is logging into thes+stem! (nce in the s+stem* the perpetrator can

    mas#uerade as the authori)ed user! Hacing ma+ involve

    pigg+bacing or mas#uerading techni#ues! Hac5ers are distinguished from other computer

    criminals because their motives are not usuall+ todefraud for "nancial gain

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    32/44

    2ro.ram &rau inc#ues the&o##o6in. techni7ues8

    %1& creating illegal programs that can

    access data "les to alter* delete* orinsert values into accounting recordsD

    %2& destro+ing or corrupting a program@s

    logic using a computer virusD or%B& altering program logic to cause theapplication to process data incorrectl+

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    33/44

    Operations &rau is the misuse ortheft of the "rm@s computerresources! This often involves using

    the computer to conduct personalbusiness

    Database mana.ement &rau

    includes altering* deleting*corrupting* destro+ing* or stealing anorgani)ation@s data

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    34/44

    Regardless of ph+sical form* usefulinformation has the followingcharacteristics$ re#e3ance,

    time#iness,

    accurac-,

    comp#eteness, an summari9ation"

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    35/44

    sca3en.in. involves searchingthrough the trash cans of thecomputer center for discarded output

    ea3esroppin. involves listening tooutput transmissions overtelecommunications lines

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    36/44

    4A4 o! KK* !onsideration o Fraud in a Financial tatement#udit, which pertains to the ollowing areas of a "nancialaudit$

    !" Description an characteristics o& &rau

    $" 2ro&essiona# s5epticism

    '" En.a.ement personne# iscussion

    (" Obtainin. auit e3ience an in&ormation

    +" Ienti&-in. ris5s

    :" Assessin. the ienti*e ris5s

    ;" Responin. to the assessment" Documentin. consieration o& &rau

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    37/44

    Frauu#ent Financia#Reportin.

    /anagements characteristics andin0uence over the controlenvironment

    -ndustry conditions

    1perating characteristics andfnancial stability.

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    38/44

    5n the case of "nancial fraud %managementfraud&* e,ternal auditors should loo forthe following inds of common schemes$

    L 5mproper revenue recognitionL 5mproper treatment of sales

    L 5mproper asset valuation

    L 5mproper deferral of costs and e,pensesL 5mproper recording of liabilities

    L 5nade#uate disclosures

    i i i &

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    39/44

    %isappropriation o&Assets

    usceptibility o assets to misappropriation.

    !ontrols

    E,amples of common schemes related to emplo+eetheft %asset misappropriation& include the following$

    L Personal purchases

    L Ihost emplo+ees

    L =ictitious e,penses

    L Altered pa+ee

    L Theft of cash %or inventor+&

    L apping

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    40/44

    Auitor?s Response to Ris5Assessment

    Engagement sta2ng and etent o supervision.Thenowledge* sill* and abilit+ of personnel assigned tothe engagement should be commensurate with theassessment of the level of ris of the engagement!

    3roessional skepticism.E,ercising professionalsepticism involves maintaining an attitude thatincludes a #uestioning mind and critical assessmentof audit evidence!

    4ature, timing, and etent o procedures perormed.=raud ris factors that have control implications ma+limit the auditor@s abilit+ to assess control ris belowthe ma,imum and thus reduce substantive testing

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    41/44

    Response to Detecte%isstatements Due to Frau

    Mhen the auditor has determined thatfraud e,ists but has had no materialeect on the "nancial statements* the

    auditor should Refer the matter to an appropriate level of

    management at least one level abovethose involved!

    Ne satis"ed that implications for otheraspects of the audit have been ade#uatel+considered!

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    42/44

    Mhen the fraud has had a material eect onthe "nancial statements or the auditor isunable to evaluate its degree of materialit+*the auditor should

    Consider the implications for other aspects of theaudit!

    7iscuss the matter with senior management andwith a board of director@s audit committee!

    Attempt to determine whether the fraud is material! 4uggest that the client consult with legal counsel* if

    appropriate

    D t ti

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    43/44

    DocumentationRe7uirements

    Mhere ris factors are identi"ed* thedocumentation should include

    %1& those ris factors identi"ed and

    %2& the auditor@s response to them

    FRAUD DETECTION

  • 7/25/2019 Business Ethics, Fraud and Fraud Detection

    44/44

    FRAUD DETECTIONTECHNI@UES

    To "nd the trail in the masses of data* theauditor "rst develops a fraud pro"leO thatidenti"es the data characteristics that onewould e,pect to "nd in a speci"c t+pe offraud scheme! This identi"cation re#uires anunderstanding of the enterprise@s processes

    and internal controls %and their weanesses&!(nce the fraud pro"le is developed* AC canbe used to manipulate the organi)ation@sdata to search for transactions that "t thepro"le