it auditing & assurance, 2e, hall & singleton c hapter 12: fraud schemes & fraud...
TRANSCRIPT
![Page 1: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/1.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Chapter 12:Fraud Schemes & Fraud Detection
![Page 2: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/2.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
FRAUD Asset misappropriation fraud
1. Stealing something of value – usually cash or inventory (i.e., asset theft)
2. Converting asset to usable form3. Concealing the crime to avoid detection4. Usually, perpetrator is an employee
Financial fraud1. Does not involve direct theft of assets2. Often objective is to obtain higher stock price (i.e., financial fraud) 3. Typically involves misstating financial data to gain additional
compensation, promotion, or escape penalty for poor performance
4. Often escapes detection until irreparable harm has been done 5. Usually, perpetrator is executive management
Corruption fraud1. Bribery, etc.
![Page 3: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/3.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
ACFE 2004 REPORT TO THE NATION
![Page 4: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/4.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
FRAUD SCHEMES Fraudulent financial statements {5%}
Corruption {13%} Bribery Illegal gratuities Conflicts of interest Economic extortion
Asset misappropriation {85%} Charges to expense accounts Lapping Kiting Transaction fraud
Percentages per ACFE 2002 Report to the Nation – see Table 12-1
![Page 5: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/5.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
COMPUTER FRAUD SCHEMES
Data Collection
Data Processing
Database Management
Information Generation
![Page 6: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/6.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
AUDITOR’S RESPONSIBILITY FOR DETECTING FRAUD—SAS NO. 99
Sarbanes-Oxley Act 2002 SAS No. 99 – “Consideration of Fraud in a
Financial Statement Audit”1. Description and characteristics of fraud2. Professional skepticism3. Engagement personnel discussion4. Obtaining audit evidence and information5. Identifying risks6. Assessing the identified risks7. Responding to the assessment8. Evaluating audit evidence and information9. Communicating possible fraud10. Documenting consideration of fraud
![Page 7: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/7.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
FRAUDULANT FINANCIAL REPORTING
Risk factors:
1. Management’s characteristics and influence over the control environment
2. Industry conditions
3. Operating characteristics and financial stability
![Page 8: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/8.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
FRAUDULANT FINANCIAL REPORTING
Common schemes: Improper revenue recognition Improper treatment of sales Improper asset valuation Improper deferral of costs and
expenses Improper recording of liabilities Inadequate disclosures
![Page 9: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/9.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
What Is Internal Control?
Control Environment
Control activities
Risk Assessment
Information / Communication
Monitoring
Sets the tone of an organization.
Influences control consciousness
Foundation for all other components
Provides discipline and structure
![Page 10: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/10.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Why Did It Take So Long to Find Out?
![Page 11: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/11.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
What Is Internal Control?
Control Environment
Control activities
Risk Assessment
Information / Communication
Monitoring
Identification and analysis
Relevant risks to objective achievement
Forms basis of risk management
![Page 12: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/12.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
What Is Internal Control?
Control Environment
Control activities
Risk Assessment
Information / Communication
Monitoring
Policies and procedures
Help ensure achievement of
management objectives
![Page 13: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/13.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
What Is Internal Control?
Control Environment
Control activities
Risk Assessment
Information / Communication
Monitoring
Information identification, capture,
and exchange
Forms and time frames
Enables people to carry out responsibilities
![Page 14: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/14.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsMisappropriation of Assets
Poor recordkeeping
Lack of management oversight
Inadequate job applicant screening
Poor segregation of duties or independent checks
![Page 15: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/15.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsMisappropriation of Assets
Poor physical safeguards
Inappropriate transaction authorization and approval
No mandatory vacations for control function employees
Lack of timely and appropriate transaction documentation
![Page 16: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/16.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsSusceptibility of Assets to Misappropriation
Large amounts of cash on hand or in process.
![Page 17: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/17.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsSusceptibility of Assets to Misappropriation
Inventory that is small in size, high in value, or in high demand.
![Page 18: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/18.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsSusceptibility of Assets to Misappropriation
Easily convertible assetsEasily convertible assets
![Page 19: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/19.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsSusceptibility of Assets to Misappropriation
Fixed assets that are small, marketable, or lack Fixed assets that are small, marketable, or lack ownership identification.ownership identification.
![Page 20: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/20.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsMaterial Misstatements Due to Fraud
Transactions improperly recorded or not recorded completely / timely.
Unsupported/unauthorized balances or transactions.
Last-minute adjustments significantly affecting financial results.
![Page 21: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/21.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsConflicting or Missing Evidential Matter
Missing documents or photocopies where originals should be.
Missing significant inventory or physical assets.
![Page 22: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/22.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsConflicting or Missing Evidential Matter
Unusual discrepancies between records and confirmation replies.
Significant unexplained items on reconciliations.
![Page 23: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/23.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Risk FactorsConflicting or Missing Evidential Matter
Inconsistent, vague, or implausible responses to inquiries or analytical procedures.
![Page 24: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/24.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
MISAPPROPRIATION OF ASSETS
Common schemes: Personal purchases Ghost employees Fictitious expenses Altered payee Pass-through vendors Theft of cash (or inventory) Lapping
![Page 25: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/25.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
ACFE 2004 REPORT TO THE NATION
![Page 26: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/26.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
AUDITOR’S RESPONSE TO RISK ASSESSMENT
Engagement staffing and extent of supervision
Professional skepticism
Nature, timing, extent of procedures performed
![Page 27: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/27.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
AUDITOR’S RESPONSE TO DETECTED MISSTATEMENTS DUE TO FRAUD If no material effect:
Refer matter to appropriate level of management Ensure implications to other aspects of the audit
have been adequately addressed
If effect is material or undeterminable: Consider implications for other aspects of the audit Discuss the matter with senior management and
audit committee Attempt to determine if material effect Suggest client consult with legal counsel
![Page 28: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/28.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
AUDITOR’S DOCUMENTATION
Document in the working papers criteria used for assessing fraud risk factors:
1. Those risk factors identified
2. Auditor’s response to them
![Page 29: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/29.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
FRAUD DETECTION TECHNIQUES USING ACL
Payments to fictitious vendors Sequential invoice numbers Vendors with P.O. boxes Vendors with employee address Multiple company with same address Invoice amounts slightly below review
threshold
![Page 30: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/30.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
FRAUD DETECTION TECHNIQUES USING ACL Payroll fraud
Test for excessive hours worked Test for duplicate payments Tests for non-existent employee
![Page 31: IT Auditing & Assurance, 2e, Hall & Singleton C hapter 12: Fraud Schemes & Fraud Detection](https://reader036.vdocuments.net/reader036/viewer/2022081506/56649e745503460f94b75519/html5/thumbnails/31.jpg)
IT Auditing & Assurance, 2e, Hall & Singleton
Chapter 12:Fraud Schemes & Fraud Detection
IT Auditing & Assurance, 2e, Hall & Singleton