Accountants' Responsibilities Regarding Fraud, Part 1

1

© 2011 DeVry/Becker Educational Development Corp. All rights reserved.

The copyright in this material is owned by DeVry/Becker Educational Development Corp., or where specifically indicated, by the original creator of the

material. None of this material may be copied, reproduced, republished, or displayed in any form or by any means, including, bu t not limited to, electronic,

mechanical, photocopying, or otherwise, without the prior written permission of DeVry/Becker Educational Development Corp. or the copyright owner.

Accountants' Responsibilities

Regarding Fraud Today, Part 1

2

© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 2

Major Topic/Concept Index

Course Section Slide Number Major Topics/Concepts

Employee Fraud 79–133

• Categories

• Financial Statement Fraud Defined

• Methods

Fraud: The CPA's Responsibility 13–57

• General Responsibilities

• Sarbanes-Oxley Act Duties

• Corporate Responsibility

• Independent Auditor

Fraud: The Issues 5–12

• Impact

• The Associated Costs

• The Ways Fraud Is Committed

Prevention of Financial

Statement Fraud 134–141

• Reduce Pressures

• Reduce the Opportunity

• Reduce Rationalizations

Profile of Employees

Who Commit Fraud 58–78

• Three Elements of Fraud

• Pressures/Incentives

• Opportunity

• The Fraud Elements Lesson

3


Learning Objectives & Program Content

Learning Objectives:

In this first of this two-part course, participants will learn how to help protect companies, employees and

investors from the most common and disastrous forms of fraud today through effective internal control

guidance practices. See how the CPA’s duties relate to fraud and are guided by standards and

legislation. After the completing the session you will be able to:

• Outline the cost of fraud and ways it is committed.

• Define the CPA’s general duties relating to fraud as defined by SAS No. 99, Sarbanes-Oxley,

Private Securities Litigation reform Act, etc.

• Outline the profile of employees who commit fraud.

• Define the major categories of employee fraud, the impact, and how they are committed.

• Identify how to prevent financial statement fraud.

Program Prerequisites: None

Program Level: Basic

Program Content/Course Description:

With fraud devastating to large and small companies alike today – nearly one in four instances caused

at least $1 million in losses, with fraudulent financial statements the most expensive form of fraud –

CPAs are in a unique position to help address this critical issue. In this two-part course you will learn

what motivates people to commit fraud, CPA’s responsibilities and how financial statement fraud can be

prevented.

Advance Preparation: None Field of Study: Auditing

4


Fraud: The Issues

Fraud: The CPA's Responsibility

Profile of Employees Who Commit Fraud

Employee Fraud

Prevention of Financial Statement Fraud

Resources

5


Fraud: The Issues



Employee Fraud


Resources

6


Fraud: The Issues

I. Fraud: The Issues

A. Fraud's impact must be addressed by all CPAs.

1. To restore and improve public confidence in business and the

accounting profession.

2. CPAs are ideally positioned to help address the issues of

fraud.

3. Fraud has devastated large and small companies, employees,

and investors.

7


Fraud: The Issues

B. Fraud: The Associated Costs

The Association of Certified Fraud Examiners' (ACFE) 2010 Report

to the Nations on Occupational Fraud and Abuse (covering the

period from January 2008 through December 2009), for the first

time extended beyond U.S. borders to include reported fraud cases

from around the world. The following findings were noted:

1. Occupational fraud and abuse causes 5% of business revenue

to be lost each year. Extrapolated to global output this

represents a potential fraud loss of more than $2.9 trillion.

2. The median loss in this study was $160,000 with nearly ¼ of

the cases causing losses of at least $1 million.

3. Asset misappropriation was the most common type of fraud,

occurring in 90% of all reported cases, but was the least costly,

causing a median loss of $135,000.1

1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.

8


Fraud: The Issues

4. Fraudulent financial statements represented only 5% of fraud

cases studied, but were the costliest form of fraud with a

median loss of more than $4 million.

KEY POINT

It is worth mentioning that the latest COSO report on Fraudulent Financial

Reporting determined that the average fraud period extended over 31.4 months,

an increase of nearly 8 months from their earlier study released in 1999. This,

despite the fact that the most recent COSO research included data gathered

after the passage of the Sarbanes-Oxley legislation. More information from the

COSO study is included later in this course, including an extended discussion of

the varying methods used by the COSO and ACFE researchers.2

2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of

Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.

9


Fraud: The Issues

5. Tips continue to be the most effective method for detecting

fraud, consistent with the AFCE's 2002 study and every annual

study since then.

6. Fraud perpetrators often signal their illicit activity, most

frequently by living beyond their means (43% of cases), and

experiencing financial difficulties (36% of cases).

7. Small businesses (defined as those with less than 100

employees) continue to be the most likely targets for fraud as

these smaller organizations typically lack the controls in place

at larger businesses.1


10


Fraud: The Issues

8. Who are the most likely perpetrators?

a. Accounting department personnel (22%)

b. Operations staff (18%)

c. Sales personnel (13.5%)

d. Executives or upper management (13.5%)

e. Customer service (7.2%)

f. Purchasing personnel (6.2%)

KEY POINT

These six groupings accounted for just over 80% of all reported fraud cases in this

most recent ACFE report.1


11


Fraud: The Issues

C. The ways fraud is committed consistently fall into three major

categories.

1. These categories are:

a. Misappropriations of assets.

b. Fraudulent financial statements.

c. Corruption.

2. A discussion of these specific types of fraud follows later in this

course, in the section titled "Employee Fraud."


12


Fraud: The Issues

KEY POINT

The statistics just cited come from the ACFE report on occupational fraud. As

highlighted later in this course, the COSO study used a different methodology

and focused on financial statement fraud. The COSO study reported a median

fraud of $12.05 million, more than three times larger than the 1999 COSO study

results and six times larger than the ACFE study results (median ACFE financial

statement fraud in the U.S. = $1.73 million).2

Both studies do agree that financial statement fraud is the costliest fraud that

occurs today.



13


Fraud: The Issues



Employee Fraud


Resources

14



II. Fraud: The CPA's Responsibility

A. Introduction

The general duties with regard to fraud are mandated by a number

of standards and laws including:

1. Sarbanes-Oxley (2002).

2. Statement on Auditing Standards (SAS) No. 99, "Consideration

of Fraud in a Financial Statement Audit" (2002).

3. Private Securities Litigation Reform Act (1995).

15



B. General Responsibilities Pertaining to the Management Within

a Company Including Its Officers and Directors

1. Duty of Care

Officers and directors occupy a fiduciary relationship with the

corporation. Directors and officers are required to act in good

faith and with due care. Legally, they are required to exercise

"that degree of care usually expected of a reasonably prudent

and diligent person under similar circumstances."

16



2. Duty of Loyalty

Directors and officers must act in the best interest of the

corporation and should refrain from self-dealing.

EXAMPLE

Breaches of the Duty of Loyalty

1. Knowingly and willingly misstating the business results of the company.

2. Approving related party transactions that benefit friends or relatives at the

expense of the company.

3. Padding personal expense report.

4. Accepting kickbacks or bribes.

17



C. Sarbanes-Oxley Act Duties

1. Officers and Directors

The Chief Executive Officer and Chief Financial Officer of

public companies must personally certify annual and quarterly

SEC filings (required by Section 302).

2. Corporate Responsibility for Financial Reports

a. SEC report being filed must be reviewed.

b. Financial report must not contain any untrue statements,

or omit any material facts necessary to prevent misleading

statements.

c. Financial statements must fairly present, in all material

respects, the financial position, results of operations, and

cash flows.

"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.

18



3. Public Company Audit Committees

Responsibilities and membership:

a. The audit committee is responsible for overseeing the

appointment, compensation and work done by the audit

firm.

b. Each audit committee member shall be a member of the

issuer's board of directors and shall be independent.

c. The member can only receive compensation from the

issuer for his or her position on the board of directors and

cannot accept any other compensation from the issuer or

be affiliated with the issuer.

d. The SEC can exempt persons from these requirements.


19



4. The Audit Committee Shall Establish Procedures for:

a. Treatment of complaints received by the issuer regarding

accounting, internal accounting controls and auditing

matters.

b. Confidential, anonymous submission by the issuer's

employees concerning questionable accounting

procedures.

5. Authority and Funding

Audit committees must be sufficiently funded and have

authority to hire independent advisers.


20



D. Corporate Responsibility (Sarbanes-Oxley Act)

Corporate Responsibility

Title 3, Sections 301-308

Sec. 301

Adds additional provisions to the Securities Exchange Act of 1934 relating to

Audit Committee Standards:

• Makes the Audit Committee responsible for the appointment, compensation

and oversight of the work of any registered public accounting firm employed

by the issuer.

• Requires members of the Audit Committee be on the Board of Directors

and otherwise independent.

• Requires Audit Committees to establish procedures for the receipt,

retention and treatment of complaints received concerning accounting,

internal accounting controls or auditing matters as well as the anonymous

submission by employees concerning questionable accounting or auditing

matters.


21



Sec. 302

Requires the CEO and CFO to certify with respect to each annual or quarterly

report of the issuer, that:

• The signing officer has reviewed the report, and

• The report fairly presents, in all material respects, the operations and

financial condition.

Sec. 304

CEOs and CFOs must reimburse their companies for any bonuses, incentive-

based or equity-based compensation, and any profits realized from the sale of

securities of the issuer during the one-year period following an accounting

restatement due to material non-compliance.

Sec. 306

Prohibits any director or executive officer of an issuer of any equity security

from, directly or indirectly, purchasing, selling or otherwise acquiring or

transferring any equity security of the issuer during a pension plan blackout

period that temporarily prevents plan participants or beneficiaries from

engaging in equity securities transactions through their plan accounts.

ntinued)


Corporate Responsibility (continued)


22



Sec. 307

Requires the SEC to issue rules setting minimum standards of professional

conduct for attorneys appearing and practicing before the SEC, including:

• Requiring attorneys to report evidence of a material violation of securities

law or breach of fiduciary duty or similar violation by the issuer to the

general counsel or CEO of the issuer.

• If the general counsel or officer does not appropriately respond to the

evidence, requiring the attorney to report the evidence to the Audit

Committee or to another committee of the Board comprised solely of

directors not employed by the issuer, or to the Board of Directors.


Corporate Responsibility (continued)


23



1. Corporate Responsibility for Financial Reports

Companies filing Forms 10-K and 10-Q reports must have the

CEO, CFO, or similar person certify in each report that:

a. The report is true, does not contain material deficiencies

and fairly represents the issuer's financial position based

on the officer's knowledge.

b. The signing officer is responsible for establishing internal

controls, has designed the controls to ensure that material

information is made known to the officer, and has

evaluated the controls within 90 days of the report.


24



c. The signing officer has disclosed to the issuer's auditors

and the audit committee all significant deficiencies in

internal control design that might adversely affect the

issuer's ability to process financial data and also any fraud

(whether or not material) involving management or other

employees with a significant role in the issuer's internal

controls.

d. The signing officer has indicated any significant changes

in internal controls that could affect internal controls after

the date of the evaluation.

e. SOX imposes criminal fines of up to $1 million and up to

10 years' imprisonment for knowingly making a

certification that does not comply, and fines of up to $5

million and imprisonment of up to 20 years for willfully

certifying a report that does not comply. "Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.

25



2. Prohibition Against Improper Influence on Audits

a. No director or officer may fraudulently influence or mislead

any independent public auditor for purpose of making the

financial statements materially misleading.

b. This rule is enforceable only by the SEC.

3. Forfeiture of Bonuses and Profits

a. If an issuer must restate financial statements because of

misconduct, the CEO and CFO must reimburse the issuer

for any bonus or incentive based compensation received

and turn over any profit made from the sale of the issuer's

securities during a one year period following the filing.

b. The SEC may exempt officers from this rule.


26



4. Officer and Director Limitations

The SEC may prohibit any person from acting as an officer or

director of an issuer if the SEC finds such person unfit to serve.

5. Prohibition Against Insider Trades During Pension Blackout

Periods

a. Directors, officers and insiders may not purchase or sell the

issuer's securities during a blackout period if the securities

were acquired in connection with their services for the issuer.

b. A blackout period is one where employees were prohibited

from trading securities in an issuer sponsored retirement plan.

c. Any profits resulting from violations of this section are

recoverable by the issuer. Any shareholder can file suit to

recover the profit if the issuer fails to take action against the

officer or director.


27



6. Section 1513 of Title 18 of the U.S. Code

Creates criminal liability for anyone who knowingly, with the

intent to retaliate, takes any harmful action against a person for

providing truthful information relating to the commission or

possible commission of any federal offense.

7. Section 1514A of Title 18 of the U.S. Code

Creates civil liability for companies that retaliate against

whistleblowers.

28


KEY POINT

This particular section on whistleblowers only applies to employees of publicly

traded companies. It makes it unlawful to fire, demote, suspend, threaten,

harass, or in any other manner discriminate against an employee for providing

information or aiding in an investigation of securities fraud. However, in order to

trigger these protections, the employee must report the suspected misconduct to

a federal regulatory or law enforcement agency; a member of Congress or a

committee of Congress; or a supervisor.

This protection provided to whistleblowers may be one of the strongest weapons

in the fight against fraud as The Report to the Nations on Occupational Fraud

and Abuse has consistently reported that tips are the single most effective

method for detecting fraud.1



29



8. Civil and Criminal Penalties for Noncompliance

a. Sarbanes-Oxley increases the jail term for existing crimes

such as mail fraud and wire fraud from five to twenty

years.

b. It makes it a crime to destroy documents and requires

auditors of public companies to keep work papers for at

least five years.

c. It authorizes the SEC to freeze questioned assets during

an investigation, and allows courts to order the

disgorgement of any bonuses received by a CEO or CFO

resulting from the company having to restate its financials

due to misconduct.

30



E. Independent Auditor: Sarbanes-Oxley Act

Auditors must timely report the following directly to the audit

committee:

1. All critical accounting policies and practices used.

2. Alternative GAAP methods that were discussed with

management, the ramifications of the use of those alternative

treatments, and the treatment preferred by the auditors.

3. Any other material written communications between the

auditors and management.

31



4. Independent Auditor: SAS 99 - Consideration of Fraud in a

Financial Statement Audit - a Result of Sarbanes-Oxley

The certified public accountant has the responsibility "to plan and

perform the audit to obtain reasonable assurance about whether the

financial statements are free of material misstatement, whether

caused by error or fraud."

a. Characteristics

Fraud risk can be evaluated by considering incentives,

pressures, opportunity, attitude and rationalization.

b. Consider How Fraud Is Committed

The engagement team is required to consider the various ways

the client could commit material fraud. The relevant factors are:

1) Nature of the business.

2) Management.

3) Internal controls.

4) Ethical values.

32



c. Assessing the risk of material fraud requires the following:

1) Auditors must interview management and other

appropriate personnel of the company to assess the

organization's risk of material misstatements due to

fraud.

2) When performing or planning analytical procedures,

consider unusual or unexpected relationships that

have been identified.

3) Consider whether fraud risk factors are present.

4) With respect to fraud risks and countermeasures,

make inquiry of those charged with audit governance.

5) Consider any other relevant information.

33



d. Identify risks that may result in misstatements due to fraud.

1) Assess the significance, likelihood, and pervasiveness

of the risk of fraud.

e. Assess the effect of the entity's programs and controls on

fraud risk.

1) Factors such as control mechanisms over

management override, as well as education,

prevention, and deterrence programs for employees

should all be considered.

34



F. Plan Testing Based Upon the Fraud Risk Assessment

Once the auditor has assessed the risk of material misstatement

due to fraud, he or she will determine the nature, extent, and

timing of the audit procedures.

G. Assess Audit Test Results

The auditor will evaluate the test results looking for such things as:

1. Discrepancies in accounting records.

2. Conflicting or missing audit evidence.

3. Problematic or unusual relationships between the client and

the auditor.

35



H. Communication with Those Charged with Audit Governance

1. The auditor must notify the client, even when the suspected

fraud is not material to the financial statements.

2. If the suspected fraud is material, or involves senior

management, the auditor must report the incident directly to

those charged with audit governance.

I. Required Audit Documentation

The auditor must document the various steps taken in assessing

the entity's risk of material misstatement due to fraud.

36



J. Risk Assessment Standards - SAS Nos. 104-111 issued

March 2006

Resulted in some significant conceptual and terminology changes

to GAAS. More notably, these standards:

1. Expand the definition of the term "reasonable assurance."

2. Require auditors to obtain a sufficient understanding of the

entity and its environment, including its internal control in order

to assess risk and design audit procedures.

3. Replace the term "sufficient competent evidential matter" with

the term "sufficient appropriate audit evidence."

4. Define the terms "audit evidence" and "relevant assertions."

37



5. Require consideration of risk at both the financial statement

level and the account balance, class of transactions or

disclosure level.

6. Revise the audit risk model to include just two components,

detection risk and risk of material misstatement (further broken

down into inherent and control risk).

7. Establish documentation requirements related to audit risk and

materiality.

8. Introduce the concept of overall audit strategy and how it

affects the development of the audit plan.

9. Define risk assessment procedures which are used to obtain

an understanding of the entity and its environment including its

internal control.

38



K. Public Companies Accounting Oversight Board (PCAOB)

further highlights the importance of risk assessment throughout

AS No. 5.

1. Materiality and risk are functions of the size and complexity of

the organization.

2. The risk assessment influences the selection of controls to test

and the evidence necessary for a given control. Some

examples of accounts and disclosures that should be risk-

assessed include:

a. Reserves and accruals.

b. Non-routine journal entries including significant calculations,

estimates or valuations.

c. Accounts receivable aging and valuations.

d. Returns and allowances.

e. Inventory adjustments.

39



3. AS No. 5 emphasizes a number of other key points/concepts.

a. Determination of Significant Accounts and

Disclosures and Relevant Assertions

The role of risk assessment is to determine which controls

would, in the event of failure, be likely to result in a

material error in the financial statements.

b. The Direct Relationship Between the Degree of Risk

that a Material Weakness Could Exist, and the Amount

of Audit Attention Required

PCAOB defines material weakness as "a deficiency or

combination of deficiencies in internal control over

financial reporting such that there is a reasonable

possibility that a material misstatement of the company's

annual or interim financial statements will not be prevented

or detected on a timely basis."

40



c. Reasonable Possibility of Material Misstatement

Reasonable possibility is a key component of the definition

of a material weakness.

d. Material Misstatement

Materiality defines the threshold for testing.

41



L. Audit Risk

1. What Is Audit Risk?

Audit risk is the risk that the auditor may unknowingly fail to

modify appropriately the opinion on financial statements that

are materially misstated.

a. Audit risk arises because the auditor obtains only

reasonable (and not absolute) assurance about whether

the financial statements are free of material

misstatement.

b. Audit risk should be reduced to a low level before an

opinion on the financial statements is expressed.

42



2. The Audit Risk Model

a. Audit risk is comprised of the risk that the financial

statements are materially misstated (risk of material

misstatement, or "RMM") and the risk that the auditor will

not detect such misstatements (detection risk, or "DR").

b. The components of audit risk may be assessed either

quantitatively (e.g., as a percentage), or non-quantitatively

(e.g., high, medium, low, etc.).

AR Audit Risk

(should be low)

=

RMM Risk of Material

Misstatement (assessed by auditor)

×

DR Detection Risk

(controlled by auditor)

43



c. Risk of Material Misstatement (RMM)

1) The auditor makes an assessment of the risk of

material misstatement by performing risk assessment

procedures and, where appropriate, tests of controls

(covered later).

2) The risk of material misstatement can be subdivided

into inherent risk ("IR") and control risk ("CR").

44



d. Inherent Risk ("IR")

Inherent risk is the susceptibility of a relevant assertion to

a material misstatement, assuming there are no related

controls.

1) Assertions involving complex calculations, amounts

derived from estimates, and cash have relatively

higher inherent risk than assertions without those

characteristics.

2) Other factors specific to the entity and its environment

may also tend to increase inherent risk, such as

technological developments that render a product

obsolete, a lack of working capital, or a decline in the

overall industry.

45



e. Control Risk ("CR")

Control risk is the risk that a material misstatement that

could occur in a relevant assertion will not be prevented or

detected on a timely basis by the entity's internal control.

1) Control risk is a function of the effectiveness of the

design and operation of internal control.

2) Some amount of control risk will always exist due to

inherent limitations of any system of internal control.

3) Inherent risk and control risk exist independently of

the audit, and the auditor generally cannot change

these risks.

46



KEY POINT

While the auditor generally cannot change the risk of material misstatement, the

auditor can change his or her assessment of the risk as the audit progresses.

If the auditor determines that the risk assessment is no longer low, then a

decision is needed regarding expanding the audit scope and procedures in

order to address this heightened risk of material misstatement.

47



f. Detection Risk ("DR")

Detection risk is the risk that the auditor will not detect a

misstatement that exists in a relevant assertion.

1) Detection risk is a function of the effectiveness of audit

procedures and of the manner in which they are

applied.

2) Some amount of detection risk will always exist

because the auditor does not examine 100% of an

account balance or transaction class, and because the

auditor may make mistakes in applying audit

procedures or in interpreting results.

3) Detection risk can be subdivided into tests of details

risk ("TD") and substantive analytical procedures risk

("AP").

4) The auditor can change detection risk.

48



M. Effect on the Audit

The auditor's overall judgment about the level of risk in an

engagement will affect the staffing, level of supervision, and scope

of the audit. While auditors use professional judgment to assess

each aspect of audit risk, they can change only the level of

detection risk. The auditor uses his or her assessment of the risk

of material misstatement as a basis for determining an appropriate

level of detection risk.

1. Inverse Relationship of RMM to DR

When the auditor determines that the risk of material

misstatement is high, detection risk should be set at a low

level. Conversely, when the risk of material misstatement is

low, the auditor can justify a higher detection risk.

49



2. The Auditor Can Change Detection Risk

The auditor can change the level of detection risk by varying

the nature, extent, and timing of audit procedures. For

example, as the acceptable level of detection risk decreases,

the assurance provided from substantive procedures should

increase. The auditor may:

a. Change the nature of substantive tests from a less

effective to a more effective procedure (e.g., direct test

toward independent parties outside the entity rather than

toward parties or documentation inside the entity).

b. Change the extent of substantive tests (e.g., use a larger

sample size).

50



c. Change the timing of substantive tests (e.g., perform

substantive tests at year-end rather than at interim).

Alternatively, if the acceptable level of detection risk

increases, the assurance that must be obtained from

substantive tests decreases, allowing for somewhat less

persuasive evidence to be used, for a reduced extent of

testing, or for more testing to be performed at interim.

3. Substantive Procedures Required

Note that even when the assessed risk of material

misstatement is low, substantive procedures will always be

necessary for all relevant assertions related to material

transaction classes, account balances, and disclosures.

51



N. Financial Statement Assertions

1. What are Financial Statements?

Financial statements are not statements of facts. They are

claims and assertions, made implicitly or explicitly by

management, about the recognition, measurement,

presentation, and disclosure of information in the financial

statements.

52



2. Categories of Assertions

Assertions used by the auditor fall into three categories:

a. Transactions and Events

1) Completeness. All transactions and events that

should have been recorded have been recorded.

2) (Proper period) Cutoff. Transactions and events have

been recorded in the correct (proper) accounting

period.

3) Accuracy. Amounts and other data relating to

recorded transactions and events have been recorded

appropriately.

4) Classification. Transactions and events have been

recorded in the proper accounts.

5) Occurrence. Transactions and events that have been

recorded have occurred and pertain to entity.

53



b. Account Balances

1) Completeness. All assets, liabilities, and equity

interests that should have been recorded have been

recorded.

2) Allocation and Valuation. Assets, liabilities, and equity

interests are included in the financial statements at

appropriate amounts, and any resulting valuation or

allocation adjustments are appropriately recorded.

3) Rights and obligations. The entity holds or controls

the rights to assets, and liabilities are the obligations

of the entity.

4) Existence. Assets, liabilities, and equity interests

exist.

54



c. Presentation and Disclosure

1) Completeness. All disclosures that should have been

included in the financial statements have been

included.

2) Understandability and Classification. Financial

information is appropriately presented and described

and disclosures are clearly expressed.

3) Rights and Obligations, and Occurrence. Disclosed

events and transactions have occurred and pertain to

the entity.

4) Valuation and Accuracy. Financial and other

information are disclosed fairly and at appropriate

amounts.

55



KEY POINT

The following mnemonic may be used to aid in your memorization of the

financial statement assertions:

CPA CO CARE CURV

Translation: "A CPA CO CAREs about CURVed assertions.“

56



3. Independent Auditor: Private Securities Litigation Reform Act

The Private Securities Litigation Reform Act (PSLRA), passed in 1995,

requires additional responsibilities for independent auditors of public

companies. It provides that the audit of the financial statements of a

public company must include the following:

a. Procedures designed to provide reasonable assurance of

detecting illegal acts that would have a direct and material effect

on the determination of financial statement amounts.

b. Procedures designed to identify related party transactions that

are material to the financial statements or otherwise require

disclosure.

c. An evaluation of whether there is substantial doubt about the

ability of the issuer to continue as a going concern during the next

fiscal year.

KEY POINT

The term illegal act is defined to mean any act or omission "that violates any law, rule, or

regulation having the force of law."

57



4. Auditor Steps if an Illegal Act Is Detected

a. Determining that an illegal act has occurred:

1) Address the possible effect of the illegal act on the

financial statements.

2) Notify the appropriate level of management

immediately, and verify that the audit committee is

adequately informed.

b. Auditor must determine whether (regarding company

management):

1) Senior management taken "timely and appropriate

remedial actions."

2) The failure to take corrective action "reasonably

expected, warrants departure from a standard report

of the auditor, or resignation from the audit

engagement?"

58


Fraud: The Issues



Employee Fraud


Resources

59



III. Profile of Employees Who Commit Fraud

KEY POINT

One of the earliest studies on why employees commit fraud was conducted by

Dr. Donald R. Cressey in 1953. His research method was to conduct extensive

interviews with about 200 inmates at Midwest prisons who had been

incarcerated for embezzlement. His ultimate theory became known as the

'Fraud Triangle,' and is the basis for the employee motives highlighted in these

next slides.3

3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.

60



A. Three Elements of Fraud

The accepted reason for why "good people" commit fraud is the

following:

1. Pressures/Incentives.

2. Perceived Opportunity.

3. Rationalizations/Attitudes.3


61



B. Pressures/Incentives

Pressure is caused by a financial need. The financial problem can

be personal or professional.

1. Cressey's research emphasized that the financial need is

perceived as 'non-sharable.'

a. The failure to share their problem with someone with a

more objective outlook who might have offered an

alternate solution may have contributed to the fraud.

2. Financial problems and their root in "status."

a. All involve some sort of embarrassment, shame, or

disgrace.

b. They threaten the violator's status as a person who is

respected by others.3


62



3. Cressey divided "non-sharable" problems into six basic

subtypes:

a. Unable to pay debts.

b. Personal failure such as drug addiction or poor personal

judgment.

c. Business reversals and possibly a business failing.

d. Sense of isolation.

e. Desire to maintain status level beyond their financial

means.

f. Disgruntled employee seeking to 'get even' with

employer.3


63



C. Opportunity

1. "Perceived" opportunity creates the means by which the fraud

can be committed.

2. The violator not only has to be able to steal assets, they need

to be able to do so and believe that they will not be caught or

the fraud itself will not be detected.

KEY POINT

This component of the Fraud Triangle identifies why internal controls are

important in fighting employee fraud. When companies establish strong internal

controls and actively communicates their intention to look out for fraud, it

removes this leg of the triangle and possibly prevents employees from stealing

from the company.3


64



D. Rationalizations/Attitudes

The majority of violators are first-time offenders with no criminal

past. They do not consider themselves as criminals or thieves.

1. Common Rationalizations

a. They were only borrowing the asset.

b. They were entitled to the asset.

c. They had to steal to provide for their family.

d. They are underpaid/employer had cheated them.

e. Their employer is dishonest to others and deserved it.3


65



E. The Fraud Model Does Not Always Apply

1. It does not apply to the "predatory employee" – the violator

who takes a job with the sole intent of stealing from the

company.

2. Frauds are not isolated events; they typically start as small

thefts or misstatements and they eventually increase in size

and frequency.

a. Once an employee is successful in their fraud scheme, the

elements of the Fraud Triangle, (Need, Opportunity, and

Rationalization), diminish in importance.

b. The fraud will typically continue and escalate even after

the initial 'problem' is resolved.

c. As the violator repeats the fraud, it becomes easier to

rationalize until no justification is required.3


66



F. The Fraud Elements Lesson

1. When all three factors are present it is more likely that fraud

may occur.

2. When one of the three elements is missing, fraud is much less

likely to occur.

3. Status (not greed) is the single most typical motivator for

occupational fraud.3


67



G. The Fraud (Elements) Consideration

1. The Opportunity

The threat of punishment is a non-factor with a violator

because they never expect to get caught.

2. The Rationalization

They do not view their actions as conduct that is or should be

punishable.

3. The Pressures/Incentives

a. The biggest threat to them is that their fraud will be

uncovered.

b. Detection will result in shame.

c. Any punishment that follows is only a secondary

consideration.3


68



H. Deterrence Program Elements

An effective deterrence program will directly target the three

elements of fraud. To be effective, the company should:

1. Identify and reduce pressures that might push employees into

committing fraud and/or illegal acts.

2. Identify and reduce perceived opportunities to commit fraud.

3. Educate and communicate in order to dispel rationalizations for

committing fraud.3


69


KEY POINT

The Cressey research is responsible for much of the accepted theory about

employee fraud, but this research is over 50 years old. Also, the data were

gathered from interviews of 200 convicted embezzlers. A more recent study

was published in 1983 by Hollinger-Clark based on interviews with 9000+

American workers. The researchers concluded that workplace conditions and

the resultant job dissatisfaction is the primary cause of employee theft.4


4"The Small Business Fraud Prevention Manual." ACFE. 2010. http://www.acfe.com/documents/small-business-fraud-2010-toc.pdf.

70



KEY POINT

Two professional accounting bodies have focused their energies on continuing fraud

research in order to shed light on this issue and, hopefully, assist accountants in

understanding this issue and recognizing risks that may lead to fraudulent practices.

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a

joint initiative of the five private sector accounting organizations: the American Accounting

Association, the AICPA, Financial Executives International, the Association for

Accountants and Financial Professionals in Business, and the Institute of Internal Auditors.

COSO defines its mission as one intended to provide "thought leadership through the

development of frameworks and guidance on enterprise risk management, internal control

and fraud deterrence." COSO sponsored several long term studies of fraud.

Their data are compiled from analysis of alleged fraudulent financial reporting by SEC

registrants. They have conducted long-term studies spanning 10-year intervals first in

1987 – 1997. Their most recent report reviewed SEC data from January 1998 through

December 2007 and was issued in 2010. The COSO report involved 347 companies

allegedly involved in fraud based on analysis of 1,335 SEC Accounting and Auditing

Enforcement Releases.2



71



KEY POINT

The Association of Certified Fraud Examiners (ACFE) first completed a report,

Report to the Nations on Occupational Fraud and Abuse in 1996, and has

issued updates biennially since 2002. The most recent study, their sixth report

issued under this title, was released in 2010.

The ACFE reports derive their data from instances of occupational fraud

reported by the certified fraud examiners who investigated the cases. The 2010

report is derived from 1843 cases. The 2010 report also, for the first time,

includes cases from both U.S. and non-U.S. companies.

It is the research findings from these two groups that provide an updated look at

instances of employee fraud, and a profile of the perpetrators.

The two research studies point to similar patterns about the perpetrators of

fraud. The following table highlights their findings about alleged motivations and

red flags for spotting potential perpetrators.1


72



RESEARCH METHODS COMPARED

COSO Report ACFE Report

Data Source SEC Accounting and Auditing

Enforcement Releases (AAER)

Survey distributed to 22,927

CFEs

Data Included 347 companies described in 1335

AAERs

1843 cases; 'only' 1021 cases

reported in the U.S.

Time Period January 1998 – December 2007

Completed investigations

between January 2008 and

preparation of survey report

Criteria for

Inclusion

Focused on instances of alleged

fraudulent financial reporting by

SEC registrants

Case had to include internal

fraud by individual against their

employer

Study Objective

Examine key company and

management characteristics, and

compare these to non-fraud

companies

Assist professionals who seek to

"deter, detect, prevent or simply

understand the global economic

impact of occupational fraud."

73



Research Findings on Fraud Motivations/'Red Flags'

COSO Report ACFE Report to the Nations

Alleged Motivation for Fraud:

• To meet external analysts earnings

expectations

• To meet internally set financial targets

• To conceal company's deteriorating

financial condition

• To bolster financial position for upcoming

financing

• To increase management compensation

for bonuses and stock appreciation

• To cover up assets misappropriated for

personal gain

Behavioral Red Flags of Perpetrators:

• Living beyond means

• Financial difficulties

• Control issues; unwilling to share duties

• Unusually close relationship with

vendors/customers

• Wheeler-dealer attitude

• Divorce or other family problems

• Irritability, suspiciousness, or defensiveness

• Addiction problems

• Refusal to take vacations

74



I. COSO Profile of Employee Fraud Perpetrator

The COSO study captured the names and positions of all

individuals named in the AAER for each alleged instance of

fraudulent financial reporting. The highest managerial title for the

employee was used to tabulate the individuals involved.

1. Employment position identified.

a. CEO and/or CFO: 89%

b. CEO: 72%

c. CFO: 65% (up from 43% in 1999 study)

d. Other VPs: 38%

e. Controller: 34% (up from 21% in 1999 study)

2. Duration of fraud scheme: the average fraud scheme extended

31.4 months.

a. The 1999 reported the average duration at 23.7 months.2



75



J. ACFE Report Profile of Perpetrators

The ACFE report identifies perpetrators in several broad

categories. The various components of their profile are provided

below as a percentage of reported fraud cases:

1. Position of Perpetrator – Frequency

a. Employee: 42.1%

b. Manager: 41.0%

c. Owner/Executive: 16.9%

2. Gender

a. Male: 66.7%

b. Female: 33.3%1


76



3. Age in Ranges

a. 36 to 40: 19.3%

b. 41 to 45: 19.3%

c. 31 to 35: 16.1%

d. 46 to 50: 13.7%

e. 26 to 30: 9.6%

f. 51 to 55: 9.4%

4. Tenure of Perpetrator

a. 1 to 5 years: 45.7%

b. More than 10 years: 25.4%

c. 6 to 10 years: 23.2%1


77



5. Education of Perpetrator

a. College degree: 38% (up from 34.4% in 2008 study)

b. High School Graduate: 28.8%

c. Some College: 17.1%

d. Post-graduate Degree: 14% (up from 10.9% in 2008)

6. Number of Cases by Department Employing Perpetrator

a. Accounting: 367 (22%)

b. Operations: 299 (18%)

c. Sales: 225 (13.5%)

d. Executive/Upper Management: 224 (13.5%)

7. Average duration of fraud scheme: 18 months1


78



KEY POINT

The ACFE reports from both 2008 and 2010 indicate that fraud perpetrators

were most often first-time offenders. Just over 85% of those identified as the

perpetrators of fraud in the current studies had never been charged or convicted

of fraud in any prior employment. This would indicate that criminal background

checks may have a limited impact on preventing fraud.

The data on who is committing fraud indicate that the most likely perpetrator is

male, college-educated, in his late 30's/early 40's, has been with the company

for less than 5 years, and works in the accounting department as a manager.

Depending on whether you rely on the COSO study or the ACFE report, the

perpetrator has been defrauding their employer either 18 months or closer to

3 years.

While the COSO and the ACFE report provide new clues to who is committing

fraud in today's companies, they also highlight a disturbing trend: increasingly,

accountants are involved in these fraud schemes.1 1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.

79


Fraud: The Issues



Employee Fraud


Resources

80


Employee Fraud

IV. Employee Fraud

A. Categories per ACFE Report

1. Corruption was identified as the primary fraud scheme in

32.8% of reported cases. It is defined as using employee

influence for own benefit.

a. Conflicts of Interest – purchasing or sales schemes.

b. Bribery – invoice kickbacks or bid rigging.

c. Illegal Gratuities.

2. Asset Misappropriation was defined as deliberate misuse or

stealing of company resources by the employee. This was the

most frequent type of fraud reported and represented 86.3% of

cases in the 2010 ACFE study.1


81


Employee Fraud

a. This is a broad category covering both cash and non-cash

assets.

b. It includes traditional schemes of larceny, skimming,

misuse of business assets for personal use, and fraudulent

disbursements.

3. Fraudulent statements per the ACFE report included both

financial misrepresentations and non-financial statements. In

the 2010 ACFE report, the instance of financial statement

fraud was 4.8%, down from 10.3% in their 2008 report.

a. Financial statement fraud most typically involved

asset/revenue overstatement rather than understatement

of these accounts.

b. Non-financial statement fraud involved employment

credentials, internal documents, and internal documents.1 1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.

82


Employee Fraud

KEY POINT

Of the three types of employee fraud identified in the ACFE report, this course

will focus on Financial Statement Fraud.

While this type of fraud occurs least often, it is the most costly. The ACFE 2010

report pegged the median cost of financial statement fraud at $1.7 million, down

from $2.0 million in their 2008 report. The COSO study, however, indicated a

mean of $25 million in their 2010 report. The COSO study did recognize that the

infamous frauds of the early 2000's could have skewed this average, but

concluded that the magnitude of the fraud problem has increased in this early

part of the 21st century compared to what occurred in the prior decade of the last

century.1


83


Employee Fraud

B. Financial Statement Fraud Defined

Financial statement fraud is the deliberate misrepresentation of the

financial condition of an enterprise accomplished through the

intentional misstatement or omission of amounts or disclosures in

the financial statements to deceive financial statement users.

Financial statement fraud occurs least frequently, but its dollar cost

is highest.

1. Typical Method

Financial statement fraud will involve:

a. Overstating assets, revenues, and profits.

b. Understating liabilities, expenses, and losses.

2. Atypical Method

The overall objective of the misrepresentation may

occasionally require the opposite action (e.g., concealing over-

budget results in a good year in order to have "cushions" for

the next year that is expected to be more competitive).

84


Employee Fraud

C. The Impact of Financial Statement Fraud

1. Financial statement fraud may have a devastating effect on the

reputation and the financial condition of the company and

employees.

a. The COSO study found that companies engaged in fraud

often filed bankruptcy, experienced significant asset sales,

or were delisted from stock exchanges.

2. The stock market valuation impact of the financial statement

fraud may result in the company's stock value falling

dramatically overnight, possibly losing millions of dollars for

shareholders.

a. Initial news of the alleged fraud was followed by an

average stock price decline of 16.7% in two days.

b. News of SEC investigation resulted in stock declines of

7.3%.

85


Employee Fraud

D. The CPA: Impact of Financial Statement Fraud

Potential consequences include:

1. The shame of being escorted into court by police, in view of

family and friends.

2. Being sentenced to prison.

3. A felony conviction.

4. Newspaper and television coverage seen by friends, family

and neighbors.

5. Loss of personal income.

6. Loss of CPA license.

7. Large legal fees.

8. Expulsion from the AICPA and state societies of CPAs.

9. Being a social outcast.

86


Employee Fraud

E. The Financial Statement Fraud Culprits

There are two main groups who commit financial statement fraud.

1. Mid- and lower-level employees.

2. Senior management.

F. Most Common Motives Cited by SEC for Committing Financial

Statement Fraud

1. To meet internal or external earnings projections.

2. To conceal company's deteriorating financial condition.

3. To increase stock price.

4. To bolster financial performance for pending financing.

5. To increase management compensation when compensation

is tied to company performance.

6. To cover up assets misappropriated for personal use.

87


Employee Fraud

G. Methods of Financial Statement Fraud

Perpetrators may use a variety of techniques to misstate financial

statements, but the most common involve improper revenue

recognition, overstatement of assets, and understating

expenses/liabilities.

1. Improper Revenue Recognition was identified in 61% of 347

fraud companies included in 2010 COSO study. A breakdown

within this category follows:

a. Recorded fictitious revenues: 48%.

b. Recording revenues prematurely: 35%.

c. Other: 2%.2



88


Employee Fraud

2. Overstatement of assets occurred in 51% of the SEC fraud

cases.

a. Overstated existing assets or capitalized expenses: 46%.

b. Recording fictitious assets or assets not owned: 11%.

3. Understatement of expenses/liabilities: 31%.

4. Misappropriation of assets: 14%.2

KEY POINT

These percentages cited for the methods used in both the gross categories and

the sub-groupings will not total to 100% as they reflect the incidence of multiple

fraud techniques used by the fraud perpetrators.



89


Employee Fraud

EXAMPLE

Techniques for Misstating Revenues

Sham Sales

Companies often falsified inventory records, shipping

records, or invoices; sometimes recording sales shipped

to another location of same company.

Conditional Sales Recorded revenues even though transaction contained

unresolved contingencies.

Recording Loans as

Sales ('Roundtripping')

Providing funds to customers to purchase goods or

recording loan proceeds as revenues.

Bill and Hold

Transactions

Improperly recording as sales bill and hold transactions

that did not meet criteria for revenue recognition.

Premature Revenue

Recording

Recording sales after order was completed but before

the goods were shipped to the customer.

90


Employee Fraud

EXAMPLE (continued)

Techniques for Misstating Revenues

Improper Sales Cut-off

Accounting records were held open beyond Balance

Sheet date to record sales of subsequent accounting

period in the current period.

Improper Use of

Percentage of Completion

The estimated percentage of completion was

accelerated to enhance revenues.

Unauthorized Shipments

Either goods were shipped to customers that the

customer never ordered; or defective goods were

shipped and revenues were recorded at full price

instead of discounted prices.

Consignment Sales Revenues were recorded for consignment shipments

or for goods shipped to customers on a trial basis.

91


Employee Fraud

H. Financial Statement Fraud: Groupings of Techniques Used

The previous table highlights various schemes used to misstate

revenues. These and other fraud schemes can be categorized into

three major groupings. Each scheme presents its own challenge to

the auditor reviewing the financial statements.

1. Accounting System: Tricks

The violator uses the accounting system to generate the

results they want. For example:

a. Manipulating the calculation of expenses such as

depreciation, bad debt or cost of goods sold.

b. Recording invoices in the wrong period.

c. Recording sales early to accelerate income.

d. Recording real transactions in the accounting system, but

intentionally misstating the dollar amounts.

92


Employee Fraud

2. Accounting System: Lies

The violator submits false and fictitious data and transactions

into the accounting system to manipulate results in a manner

greater than can be achieved by simply "tricking" the

accounting system. Examples:

a. Fictitious sales recorded to real or fake customers.

b. Inventory and receivables amounts created, with

documents later being forged to support the "lies."

c. Journal entries hidden or miscoded in an attempt to

conceal the fraud.

d. Transactions concealed through use of intercompany

accounts.

e. Transactions in the system have no basis in fact or are

improperly recorded.

93


Employee Fraud

3. Accounting System: Beyond the System

The violator produces whatever financial statements they

desire by using a personal computer.

4. Auditing Tips

a. To catch this type of fraud, trace the financial statements

back to the trial balance and related general ledger from

the accounting system.

1) There should be no documentary trail to support these

fraudulent transactions or balances reported in the

financial statements unless the fraudsters prepare

forged or altered documents to help support their

fraud.

94


Employee Fraud

KEY POINT

In December 1999, the Securities and Exchange Commission issued Staff

Accounting Bulletin No. 101, Revenue Recognition in Financial Statements

(SAB 101), which gives additional guidance on revenue recognition to cease

some inappropriate practices that had been noted. SAB 101 indicates that

revenue generally is realized or realizable and earned when all of the following

criteria are met:

Persuasive evidence of an arrangement exists.

Delivery has occurred or services have been rendered.

The seller's price to the buyer is fixed or determinable.

Collectability is reasonably assured.

95


Employee Fraud

KEY POINT

In order to satisfy the provision for persuasive evidence of an arrangement, the

documentation for the arrangement must contain all the final terms and conditions

between the parties and conform to customary business practices.

Incorporation by reference of other signed agreements is acceptable. A signed

general purpose agreement followed by complying purchase orders is acceptable.

Bifurcation of one contract into two contracts may create issues.

All terms and conditions of the arrangement must be finalized.

All the documentation must be signed by both parties prior to any revenue

recognition. Without the customer's signature – the agreement is not an enforceable

claim on the customer, even if the product has been delivered.

Without seller's signature, the agreement is only an offer by seller to license and/or

sell the product or service. The risks and rewards of ownership must pass from

seller to buyer. A consignment arrangement or demonstration product does not

qualify.

96


Employee Fraud

I. Financial Statement Fraud: Method Detail and Audit

Techniques and Tips

1. Some of the more common types of financial statement fraud

include:

a. Fictitious Revenues.

b. Timing Differences.

c. Improper Asset Valuations.

d. Concealed Liabilities and Expenses.

e. Improper Disclosures.

2. Expanded discussions of each of these items follows with tips

for spotting their use.

97


Employee Fraud

3. Fictitious Revenues

Fictitious sales typically involve fake or non-existent

customers. However, it could involve actual customers.

a. Indirect Methods: Fictitious Sales

These methods do not attempt to overstate gross sales,

instead, they understate those accounts which reduce

gross sales to arrive at net sales. For example,

understating discounts, returns and allowances will

artificially overstate net sales. There are two basic

methods:

1) Failure to record mark down discounts on

merchandise when the sale is made.

2) Failure to record returns as a reduction from gross

sales.

98


Employee Fraud

b. Warning Signs, indicating the possibility of fictitious

revenues

1) Excessive growth or unusually high profitability, when

compared to other companies in the same industry.

2) Repeatedly reporting negative cash flows from operations

while reporting earnings and earnings growth.

3) Large transactions with related parties or special purpose

entities not in the ordinary course of business.

4) Significant, unusual, or highly complex transactions,

typically those close to period end that pose difficult

"substance over form" issues.

5) Unusual increase in the number of days sales in

receivables.

6) A large volume of sales to companies whose ownership

is not known.

99


Employee Fraud

4. Timing Differences

Financial statement fraud often involves timing differences,

such as the recording of revenue and/or expenses in improper

periods. This is done to move revenues or expenses from one

period to the next, thereby increasing or decreasing earnings.

a. Premature Revenue Recognition

Revenue should be recognized when the four criteria set

out in Staff Accounting Bulletin No. 101 have been

satisfied:

1) Persuasive evidence of an arrangement exists.

2) Delivery has occurred or services have been

rendered.

3) The seller's price to the buyer is fixed or determinable.

4) Collectability is reasonably assured.

100


Employee Fraud

b. Long-term Contracts

Managers can "play with" the percentage of completion

and the estimated costs to complete a construction project,

hence, the company will recognize revenues prematurely

and cover-up contract cost overruns.

c. Channel Stuffing/Trade Loading

The sale of an unusually large volume of a product to

customers who are encouraged to over-purchase through

the use of large discounts or extended financing terms.

d. Postponing the proper recording of expenses

The timely recording of expenses is often violated due to

excessive pressures to meet goals and budget projections.

101


Employee Fraud

KEY POINT

The negative consequence is that by "robbing" from the next period's sales, it is

more difficult to achieve sales goals in the following period, leading to

increasingly aggressive levels of channel stuffing and ultimately a restatement.

Issues include unrecorded side agreements that grant a right of return,

effectively making the sales into consignment sales. Greater risk of returns for

certain products occur if they cannot be sold before their shelf life expires.

102


Employee Fraud

e. Warning Signs of Possible Timing Difference Fraud

1) Excessive growth or unusual high profitability, when

compared to other companies in the same industry.

2) Repeated reporting negative cash flows from

operations while reporting earnings.

3) Significant, unusual, or highly complex transaction,

especially near the end of the period end that pose

difficult "substance over form" questions.

4) Unusual spikes in gross margin or margin in excess of

industry standards.

5) Unusual increase in the number of days sales in

receivables.

6) Unusual decrease in the number of days purchases in

accounts payable.

103


Employee Fraud

5. Improper Asset Valuation

Applying the "lower of cost or market value" rule, where an

asset's cost exceeds its current market value (example:

obsolete technology), it must be written down to lower market

value.

KEY POINT

It is often necessary to use estimates in accounting. For example, estimates are

used in determining the residual value and the useful life of a depreciable asset,

the uncollectible portion of accounts receivable or the excess or obsolete portion

of inventory. Whenever estimates are used, there is an additional opportunity

for fraud by manipulating those estimates.

104


Employee Fraud

a. Inventory Valuation

Inventory must be valued at cost except when the cost is

higher than the current market value, inventory should be

written down to its current value which is lower.

1) Method of Manipulation

a) Physical inventory counts can be manipulated.

b) Unit costs used to price out inventory can be

manipulated.

c) Failure to reduce inventory for costs of goods

sold.

d) Programmed fraudulent computer reports that

incorrectly added up values.

105


Employee Fraud

e) A co-conspirator represents they are to be holding

inventory for the company.

f) "Bill and hold" items that have been recorded as

sales are included in the physical inventory count.

g) Goods held by the company on consignment.

h) Pallets of inventory with empty centers.

i) Moving inventory overnight between locations

being observed by auditors.

j) Insert phony count sheets or changing quantities

on the sheets during the inventory.

106


Employee Fraud

b. Accounts Receivable

The two most common fraud methods involving accounts

receivable are fictitious receivables and failure to write off

accounts receivable as bad debts.

1) Fictitious Accounts Receivable

The entry for a fictitious accounts receivable is to debit

accounts receivable credit sale. These schemes occur

most often at the end of the accounting period, because

accounts receivable should be paid in cash within a

reasonable time after period end.

DR: Accounts Rec. $XXX

CR: Sales $XXX

107


Employee Fraud

a) Auditor Issue: Confirmation

Fictitious accounts receivable might be concealed

by providing false confirmation of balances to

auditors. The mailing address provided for a fake

customer might be a mailbox under violator’s

control, a home address, or the business address

of a co-conspirator. Such fraud schemes can be

detected by reviewing business credit reports,

public records, or even the telephone book, to

identify significant customers.

b) Auditor Issue: Misuse of the "Allowance for

Doubtful Accounts"

Companies in need of more profits and income

will omit the recognition of such losses because of

the negative impact on the income statement.

108


Employee Fraud

c. Business Consolidations

Violators may attempt to misappropriate the purchase price.

Violators may create excessive reserves for various expenses

at the time of acquisition, planning to utilize those "cookie jars"

as sources of earnings at a future date.

d. Fixed Assets

Fixed assets can be fictitiously created by a variety of

schemes. They are subject to misstatement through many

different fraudulent methods:

1) Recording Fictitious Assets

The false reporting of assets affects the asset balance on

a business balance sheet. The most common fictitious

asset schemes are:

a) Creating fictitious documents.

b) Equipment is leased, not owned, and the asset is

capitalized.

109


Employee Fraud

2) Fixed Asset Valuation Issues

Fixed assets should be reported at cost (NBV).

Financial statement frauds have involved the

recording of fixed assets at the higher market values

instead of the lower acquisition costs, or at even

higher inflated values with fake valuations as

documentation.

3) Fixed Asset Understatement (to secure capital

expenditure approval)

Funding may be based on asset amounts. An

understatement can be done directly or through

improper depreciation.

110


Employee Fraud

4) Capitalization Policy Violations

Interest and finance charges incurred in the purchase

should be excluded from the cost of a purchased

asset.

5) Misclassifying Assets

Due to budget requirements, among other reasons,

assets are misclassified into general ledger accounts

which are improper. The manipulation affects

financial ratios and conceals non-compliance with loan

covenants or other borrowing requirements.

111


Employee Fraud

6) Warning Signs

a) Recurring negative cash flows from operations

while reporting earnings and earnings growth.

b) Significant declines in customer demand and

increasing business failures in either the industry

or overall economy.

c) Assets, liabilities, revenues, or expenses based

on significant estimates that involve subjective

judgments or uncertainties that are difficult to

corroborate.

d) Nonfinancial management's excessive

participation in or preoccupation with the selection

of accounting principles or the determination of

significant estimates.

112


Employee Fraud

e) Unusual spike in gross margin or margin in

excess of industry standards.

f) Unusual increase in the number of days sales in

receivables.

g) Unusual increase in the number of days

purchased in inventory.

h) Allowances for bad debts, excess and obsolete

inventory, that are decreasing in percentage

terms or are out of line with industry standards.

i) Unusual change in the ratios between fixed assets

and depreciation.

j) Adding to assets while the industry is reducing

capital expenditures.

113


Employee Fraud

6. Understating Liabilities and Expenses

Pre-tax income will increase when an expense or liability is not

recorded. This is less difficult to commit than falsifying sales

transactions. Missing transactions are harder for auditors to

detect than improperly recorded ones because there is no

audit trail.

a. Liability/Expense Omissions

Under this method of understating liabilities/expenses, the

violator fails to record them.

1) Debit memos can be created for chargebacks to

vendors, for claim permitted rebates, or allowances, or

simply to create additional income.

114


Employee Fraud

KEY POINT

Because they are easy to conceal, understated liabilities are often the most

difficult to uncover. A detailed review of all post-financial-statement-date

transactions can aid in the discovery of omitted liabilities. Furthermore, the

auditor should carefully review the client's files, a physical search may uncover

concealed invoices and un-posted liabilities.

Wrong-doers often plan to make up for their omitted liabilities with expectations

of other income sources such as profits from future price increases.

115


Employee Fraud

Financial Statements

Trial Balance

General Ledger

Subsidiary Ledger

Books of Original Entry

Source of Documents

Execution of Event

Transaction Approved

V O U C H Testing for Existence

Testing for Support

T R A C E Testing for Completeness

Testing for Coverage

race

ouch

116


Employee Fraud

b. Capitalized Expenses

Capitalizing expenses will result in an increase to income

and assets since capitalized items are depreciated over a

period of years rather than expensed in the current period.

1) Capital expenditures may be expensed

The privately owned business may want to minimize

its net income due to tax issues, or to increase

earnings in future periods.

117


Employee Fraud

c. Returns and Allowances and Warranties

A certain percentage of products sold will be returned.

With warranty liability fraud, the liability is either omitted or

substantially understated.

d. Warning Signs of Possible Liability & Expense Fraud

1) Recurring negative cash flows from operations or an

inability to generate cash flows from operations while

reporting earnings and earnings growth.

2) Assets, liabilities, revenues, or expenses based on

significant estimates that involve subjective judgments

or uncertainties that are difficult to corroborate.

118


Employee Fraud

3) Non-financial management's excessive participation in

or preoccupation with the selection of accounting

principles or the determination of significant estimates.

4) Unusual spike in gross margin or margin in excess of

industry standards.

5) Allowances for sales returns, warranty claims that are

decreasing in percentage terms or are out of line with

industry standards.

6) Unusual decrease in the number of days purchases in

accounts payable.

7) Reducing accounts payable reduction while the

industry is delaying payments to vendors.

119


Employee Fraud

7. Improper Disclosures

Improper disclosures associated with financial statement fraud

will typically involve the following: Liability Omissions,

Subsequent Events, Management Fraud, Related-Party

Transactions, and Accounting Changes.

a. Liability Omissions

Omissions include the failure to disclose loan covenants or

contingent liabilities. These agreements usually contain

various types of covenants including certain financial ratio

limits and restrictions.

b. Subsequent Events

Violators will fail to disclose court judgments and

regulatory decisions that adversely effect the reported

values of assets, that indicate unrecorded liabilities, or that

negatively reflect upon management.

120


Employee Fraud

c. Management Fraud

Management has the responsibility to disclose to the

shareholders significant fraud committed by officers,

executives, and others in positions of trust. Failure to

disclose such information from auditors would involve lying

to auditors, an illegal act in itself.

d. Related-Party Transactions

There is nothing inherently wrong with related-party

transactions. However, they must be fully disclosed.

121


Employee Fraud

e. Accounting Changes

Violators will fail to restate financial statements or disclose the

cumulative effect of a change in accounting principle made,

simply to improve earnings. They will fail to disclose

significant changes in estimates such as:

1) Depreciable assets' useful lives and estimated salvage

values.

2) Estimates of warranty.

3) Change in the reporting entity.

f. Warning Signs of Possible Disclosure Fraud

1) Domination of management by a single person or small

group (in a non-owner-managed business) without

compensating controls.

2) Ineffective board of directors or audit committee oversight

over the financial reporting process and internal control.

122


Employee Fraud

3) Ineffective communication, implementation, support,

or enforcement of the entity's values or ethical

standards by management or the communication of

inappropriate values or ethical standards.

4) Rapid growth or unusual profitability, especially

compared to that of other companies in the same

industry.

5) Significant, unusual, or highly complex transactions,

especially those close to period end that pose difficult

"substance over form" questions.

6) Significant related-party transactions not in the

ordinary course of business or with related entities not

audited or audited by another firm.

123


Employee Fraud

7) Significant bank accounts or subsidiary or branch

operations in tax-haven jurisdictions for which there

appears to be no clear business justification.

8) Overtly complex organizational structure involving

unusual legal entities or managerial lines of authority.

9) Known history of violations of securities laws or other

laws and regulations, or claims against the entity, its

senior management, or board members alleging fraud

or violations of laws and regulations.

10) Recurring attempts by management to justify marginal

or inappropriate accounting on the basis of materiality.

11) Formal or informal restrictions on the auditor that

inappropriately limit access to people or information or

the ability to communicate effectively with the board of

directors or audit committee.

124


Employee Fraud

J. Case example, where delivery has occurred or services have been

rendered. Let's consider the sale of a product that can be provided

a number of ways—software.

1. Physical Delivery

Occurs upon the transfer of a disk or tape containing the

software, accompanied by documentation, to a customer (not

to an intermediary site or a fulfillment house.)

a. "F.O.B. Shipping Point" or "F.O.B. Destination" needs to

be specified in the contract.

b. Example: software shipped on September 30 – F.O.B.

Destination.

c. Does the customer have software testing and acceptance

rights?

125


Employee Fraud

2. Electronic Delivery

Occurs when the customer takes possession of the software

via a download or is provided with access to the software via a

code ("key").

a. Examples: Software buyouts, network-wide base generic

software pools, list of GA features.

3. Multiple copies of the same software

An obligation to deliver additional software copies, physically or

electronically, does not impact revenue recognition.

4. Software Duplication

Considered incidental to meeting the delivery criteria.

a. Revenue can be recognized upon physical or electronic

delivery of the first copy.

b. Should accrue the cost of duplicating the software.

126


Employee Fraud

5. Multiple Licenses of the Same Software

The price in the contract is on a per-license basis and the

value of the contract is a function of the number of licenses

purchased by the customer.

a. Revenue is recognized when each separately-licensed

software copy is delivered.

6. If there is an undelivered element (hardware or software) that

is essential to the functionality of the delivered software

element, delivery has not occurred for purposes of revenue

recognition.

7. Terms and Conditions Presumed Substantive

a. Acceptance.

b. Installation or other services.

127


Employee Fraud

8. Substantial Completion

a. Only inconsequential or perfunctory actions.

b. Failure to complete would not result in a refund or

rejection of delivered products/services.

c. No undelivered elements essential to functionality.

9. Multiple Element Arrangement (MEA)

A contract to provide more than one software product (the

"element"), software product and services, or software product

with customer support (PCS).

a. Software arrangements with one element.

1) Recognize revenue when all the revenue recognition

criteria discussed previously have been met.

128


Employee Fraud

b. Software arrangements with multiple elements.

1) Must allocate the contract price to each element based on

vendor-specific objective evidence (VSOE) of fair value.

2) Recognize the allocated revenue when all the revenue

recognition criteria have been met, on an element-by-

element basis.

10. Allocation of Contract Price to Multiple Elements

a. VSOE is limited to either of the following:

1) The price charged when the element is sold separately to

other customers must be supportable by invoices and

auditable.

2) If the software is not yet sold separately, VSOE is the price

established by management having the requisite authority.

b. Separately stated prices in the contract does not meet the VSOE

requirement.

c. List prices do not meet the VSOE requirement.

129


Employee Fraud

11. Vendor-specific Objective Evidence of Fair Value

a. If VSOE does exist for all the elements, or:

1) All the elements are delivered (exceptions are PCS

and unspecified additional software products).

2) VSOE does exist for all the undelivered elements

(SOP 98-9: Residential Method).

b. VSOE criteria was intentionally made very narrow, past

"front-loading" abuses within the software industry.

1) Future deliverables cause valuation issues.

2) Invoice price (that will not change).

130


Employee Fraud

12. The seller's price to the buyer is fixed or determinable.

a. Price is stated, not subject to change, and payable in

accordance with normal terms.

b. Any extended payment terms in a software arrangement

may indicate that the price is not fixed or determinable.

1) Normal payment terms are net 30 days.

2) Need to determine the reason – does that reason

jeopardize revenue recognition?

c. If payment extends for more than twelve months after

delivery, the entire price should be presumed not to be

fixed or determinable.

131


Employee Fraud

d. If payments are a function of the number of units copies or

the expected number of users, the price is not fixed or

determinable at the outset of the arrangement.

1) Rationale: the longer the payment terms, the greater

the risk of price concessions due to the technological

obsolescence of the delivered software or the

introduction of new and improved software.

e. Revenue Recognition

If it is determined that the contract price is not fixed or

determinable, revenue is recognized as non-refundable,

contractual payments become due.

132


Employee Fraud

13. Collectability Is Not Reasonably Assured

a. Customer financing arrangements need to be reviewed

closely.

1) Credit issue or competitive issue.

b. A past practice of providing concessions to the customer is

difficult to overcome.

1) History of concessions (to possibly encourage

payment).

2) Concession is defined broadly.

c. Customer acceptance clauses need to be evaluated in

detail.

1) Linking payment terms to acceptance may create

uncertainty about collectability upon delivery of the

software.

133


Employee Fraud

d. Returns must be reasonably estimable.

e. Collection is contingent upon some future events, e.g.,

resale of the product, receipt of additional funding, or

litigation.

f. The customer does not have the ability to pay, e.g., it is

financially troubled, it has purchased far more than it can

afford, or it is a shell company with minimal assets.

134


Fraud: The Issues



Employee Fraud


Resources

135



V. Prevention of Financial Statement Fraud

KEY POINT

Both the COSO report and the ACFE study point to executive and upper

management personnel as the primary perpetrators of financial statement

frauds. Individuals with high level management positions can use their authority

to override most internal controls, so those controls can be of limited value in

preventing financial statement fraud.

Most approaches to reducing financial statement fraud fall back on the Cressey

study and its Fraud Triangle theory. The focus is therefore placed on reducing

pressures, reducing the opportunity, and reducing rationalization. Some specific

recommendations for each of these strategies follow.3


136



A. Reduce Pressures

1. Directors and officers should "set the tone."

2. Avoid setting unreasonable financial targets.

3. Avoid applying excessive pressure on employees to achieve

goals.

4. Adjust goals when market conditions change.

5. Establish fair compensation systems.

6. Discourage excessive external expectations of future corporate

performance.

7. Remove operational obstacles blocking effective performance..

137



B. Reduce the Opportunity

1. Maintain strong internal controls.

2. Monitor the business transactions and interpersonal

relationships of suppliers, buyers, purchasing agents, sales

representatives, and others.

3. Establish a physical security system to secure company

assets.

4. Maintain segregation of duties.

5. Human resources should have accurate personnel records

including background checks on new employees.

6. Establish strong supervision within groups to enforce

accounting procedures.

7. Establish clear and uniform accounting procedures with no

exception clauses.

138



C. Reduce Rationalization

1. Promote good values and integrity within the organization.

2. Clearly define prohibited behavior with respect to accounting

and financial statement fraud.

3. Provide regular training to all employees.

4. Establish confidential reporting systems to communicate

problems.

5. Senior executives must communicate to employees that

integrity is a priority.

6. Management practices and sets an example by promoting

honesty in the accounting area.

7. The consequences of violating the rules and the punishment of

violators should be communicated clearly.

139



KEY POINT

Beyond these strategies, the ACFE report does provide some dollar-specific

ranking of the effectiveness of implementing anti-fraud controls. The following

table shows the top 10 most effective anti-fraud controls. It is interesting to note

how cost-effective some techniques are, even when infrequently used, for

example, surprise audits were used in only 28.9% of the cases reported, but

resulted in a 51.5% reduction in loss due to fraud. Job rotation proved very cost

effective as well. This policy was in place in only 14.6% of the cases reported,

but still resulted in nearly a 50% reduction in losses.1


140



Median Loss Based on Presence of Anti-Fraud Controls

Control

% of Cases

Implemented

Control

in Place Control Absent % Reduction

Hotline 48.6% $100,000 $245,000 59.2%

Employee Support

Programs 44.8% $100,000 $244,000 59.0%

Surprise Audits 28.9% $ 97,000 $200,000 51.5%

Fraud Training for

Employees 39.6% $100,000 $200,000 50.0%

Fraud Training for

Mgt/Exec 41.5% $100,000 $200,000 50.0%

Job Rotation/

Mandatory Vacation 14.6% $100,000 $188,000 46.8%

Code-of-Conduct 69.9% $140,000 $262,000 46.6%

Anti-Fraud Policy 39.0% $140,000 $200,000 40.0%

Management Review 53.3% $120,000 $200,000 40.0%

External Audit of

ICOFR 59.3% $140,000 $215,000 34.9%

141



KEY POINT

The 2010 COSO report included little in the way of significant differences

between firms that engaged in financial statement fraud and the 'no-fraud' firms.

The only major distinction that the committee noted was that fraud firms

engaged in significantly more related party transactions. Also, the rate of auditor

changes for fraud firms was double the rate for a similar set of no-fraud firms:

26% versus 12%.

In light of seemingly inconclusive results, the COSO researchers recommend

continued study to help to "strengthen the prevention, deterrence, and detection

of fraudulent financial reporting".2



142


Fraud: The Issues



Employee Fraud


Resources

143


Resources

"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010.

http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.

"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-

2007 – An Analysis of U.S. Public Companies (2010)." The website of the

Committee of Sponsoring Organizations of the Treadway Commission.

http://www.coso.org/FraudReport.htm. Accessed July 2011.

"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-

107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.

"The Small Business Fraud Prevention Manual." ACFE. 2008.

http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.

Accessed July 2011.

"The Small Business Fraud Prevention Manual." ACFE. 2010.

http://www.acfe.com/documents/small-business-fraud-2010-toc.pdf. Accessed

July 2011.

"Home page." The website of the Committee of Sponsoring Organizations of the

Treadway Commission. http://www.coso.org/. Accessed July 2011.

144


Thank You!

Accountants' Responsibilities Regarding Fraud, Part 1

Documents

Transcript of Accountants' Responsibilities Regarding Fraud, Part 1