The Fraud Side of Forensic Accounting D. Larry Crumbley, CPA, Cr

The Fraud Side of Forensic Accounting D. Larry Crumbley, CPA, Cr
The Fraud Side of Forensic Accounting D. Larry Crumbley, CPA, Cr.FA, CFD KPMG Endowed Professor Department of Accounting Louisiana State University Baton Rouge, LA Fax Dr. Crumbley is the Editor of the Journal of Forensic Accounting: Auditing, Fraud, and Risk, Former chair of the Executive Board of Accounting Advisors of the American Board of Forensic Accountants, Member of the NACVA’s Fraud Deterrence Board, and On the AICPA’s Fraud Task Force ( ). A frequent contributor to the Forensic Examiner, Professor Crumbley is a co-author of CCH Master Auditing Guide, along with more than 50 other books and 350 articles. His latest book entitled Forensic and Investigative Accounting is published by Commerce Clearing House ( ). Some of his 12 educational novels have as the main character a forensic accountant. His goal is to create a television series based upon the exciting life of a forensic accountant and litigation consultant.

Definition of Forensic Auditor
Someone who can look behind the facade--not accept the records at their face value--someone who has a suspicious mind that the documents he or she is looking at may not be what they purport to be and someone who has the expertise to go out and conduct very detailed interviews of individuals to develop the truth, especially if some are presumed to be lying. Robert G. Roche, a retired chief of the IRS Criminal Investigation Division of the IRS

Definition of Forensic Accounting
Forensic accounting is the application of accounting, tax, auditing, finance, quantitative analysis, investigative and research skills, and an understanding of the legal process for the purpose of identifying, collecting, analyzing, and interpreting financial or other data or issues in connection with: Litigation services: providing assistance for actual, pending or potential legal or regulatory proceedings before a trier of fact in connection with the resolution of disputes between parties, or Non-litigation services: performing analyses or investigations that may require the same skills used in 1, above, but may not involve the litigation process.

Definition of Forensic Accounting Non-Litigation Services
Forensic accounting non-litigation services are the professional assistance accountants provide not related to the litigation process. These services may involve accounting, financial, auditing, tax, quantitative analysis, and investigative and research skill as well as an understanding of the legal process to provide assistance in connection with matter or issues not involving the litigation process.

The Bubble Deception There are 14,000 publicly traded companies in the United States. Expecting all of them to be honest is unrealistic. Like any town of 14,000, the market is bound to have its share of grifters and shoplifters. But the deception at Computer Associates was dangerous precisely because it wasn’t an aberration. By January 2001, all manner of companies were abusing accounting rules to mislead their investors, seemingly without fear of being caught. A strange madness had gripped the market. Even its most solid citizens were running red lights and breaking windows. And the police were nowhere in sight. Alex Berenson, The Number, Random House, 2003, p. xxiii.

Enriching Insiders I know that sounds crazy, but the stock market has gone from a place where investors actually own part of a company and have a say in their management to a market designed to enrich insiders by allowing them to sell shares they buy cheaply through options. Companies continuously issue new shares to their managers without asking their existing shareholders. Those managers then leak that stock to the market a little at a time. It’s unlimited dilution of existing shareholders’ stakes, dilution by a thousand cuts. If that isn’t a scam, I don’t know what is. Individual shareholders have nothing but the chance to sell their shares to the next sucker . A mutual fund buys one million shares of a company with your and your coworkers’ money. You own 1 percent of the company. Six weeks later you own less, and that money went to insiders, not to the company. Alex Berenson, The Number, Random House, 2003, p. xviii.

Forensic Accounting Factors
Time: Forensic accounting focuses on the past, although it may do so in order to look forward (e.g., damages, valuations). Purpose: Forensic accounting is performed for a specific legal forum or in anticipation of appearing before a legal forum. Peremptory: Forensic accountants may be employed in a wide variety of risk management engagements within business enterprises as a matter of right, without the necessity of allegations (e.g., proactive). With a single clue a forensic accountant can solve a fraudulent mystery.

One Small Clue A former Scotland Yard scientist tried to create the world’s biggest fraud by authenticating $2.5 trillion worth of fake U.S. Treasury bonds. When two men tried to pass off $25 million worth of the bonds in Toronto in 2001, a Mountie noticed the bonds bore the word “dollar” rather “dollars.” Police later raided a London bank vault and discovered that the bonds had been printed with an ink jet printer that had not been invented when the bonds were allegedly produced. Zip codes were used even though they were not introduced until 1963. Sue Clough, “Bungling Scientist Is Jailed for Plotting World's Biggest Fraud,” News.telegraph.co.uk, January 11, 2003.

Forensic Accounting Defined
Forensic accounting is the action of identifying, recording, settling, extracting, sorting, reporting, and verifying past financial data or other accounting activities for settling current or prospective legal disputes or using such past financial data for projecting future financial data to settle legal disputes. Source: Forensic and Investigative Accounting (CCH) When the death of a company occurs under mysterious circumstances, forensic accountants are essential. Other accountants look at the charts but forensic accountants actually dig into the body. Douglas Carmichael

Forensic Accounting Areas
Investigative Auditing Litigation Support Forensic: Latin for “forum,” referring to a public place or court. Black’s Law Dictionary: Forensic, belonging to the courts of justice. Note: Corporate spooks are used to check on competitors.

Forensic Auditing Forensic auditing is a type of auditing that specifically looks for financial misconduct, and abusive or wasteful activity. It is most commonly associated with gathering evidence that will be presented in a court of law as part of a financial crime or a fraud investigation. Source: B.L. Derby, “Data Mining for Improper Payments,” Journal of Government Financial Management, Winter, 2003, pp “ Forget the stuffed white shirt, forensic accountants are more parts Philip Marlowe than Casper Milquetoast. They open the books and crack the code, transforming a dull science of numbers into a suspenseful mystery with a logical, even riveting resolution.” Cory Johnson

Top Niche Services 1. Business Valuation 89% 2. SOX Compliance 77%
3. Litigation Support 69% 4. Attest Services 67% 5. Estate/Trust/Gift 66% 9. Forensic/Fraud 56% Source: Accounting Today.

Forensic Accounting vs. Fraud Auditing
Fraud Auditor: An accountant especially skilled in auditing who is generally engaged in auditing with a view toward fraud discovery, documentation, and prevention. “Economic crimes and fraud often do not involve obvious evidence like the smoking gun. Forensic accountants look behind the deals and handshakes and probe beyond the numbers to uncover the reality of financial situations.” Source: D.W. Squires, “Problems Solved with Forensic Accounting: A Legal Perspective,” Journal of Forensic Accounting., Vol. IV (2003),. P. 131.

Forensic vs. Fraud Audit
Google result, May 4, 2005 Forensic Audit, 19,800 hits Fraud Audit, 4,470 hits Fraud Examination, 11,400 hits Fraud Accounting, 3,790 hits Forensic Accounting, 225,000 hits I don’t care what they say, but [forensic accounting] is here to stay. Danny & the Juniors I see skies of blue and clouds of white, and I think to myself, what a wonderful world. Louis Armstrong

Specialties Within Forensic and Investigative Accounting
Employee Crime Specialist. Asset Tracing Specialist. Litigation Services Specialist and Expert Witness. Insurance Claims. Valuation Analysis. False Claims Act Violations. Due diligence investigations.

Asset Tracing Three Italian lawyers said in a filing to be presented to a bankruptcy court that they had traced $7.7 billion in missing Parmalat funds. “We are preparing a filing in which we are asking for the insolvency status to be revoked because the money was robbed and not lost,” lawyer Carlo Zauli told Reuters. But he said it would be an illusion to believe proof of electronic transfers of the funds could be found and the lawyers representing the Parmalat Creditors Committee did not say where the money was being held or if it was recoverable. An Italian website, TGfin ( said a company linked to Parmalat founder Tanzi was holding the funds in the form of U.S. bonds in an account with Bank of America. Source: Emilio Parodi and Stefano Bernabei, “Wrap-up 2: Paramalat Fraud Probe Widens to Auditors, Ex-Banker, “forbes.com, January 8, 2004.

Gross Profit Comparison
In a divorce situation, a business owner claimed only about $75,000 annual income. He claimed he had borrowed and not paid back huge sums. Wife said he was spending about $400,000 per year more than his salary. Four schedules for the courtroom: What was known and alleged about husband’s expenditures. Schedule comparing income with expenditures. Amounts husband claimed he had borrowed.

Gross Profit Comparison (cont.)
Company’s income statements side-by-side: New Gross Profit His Per Industry $75,000 $475,000 Husband had overstated COGS. Checks issued to vendors, into COGS. Some of the vendors cashed the checks and returned the money to husband. Mark Kohn, “Unreported Income and Hidden Assets,” Forensic Accounting in Matrimonial Divorce, Philadelphia: R. T. Edwards, 2005, pp Mark Kohn, “Unreported Income and Hidden Assets,” in Forensic Accounting in Matrimonial Divorce, Philadelphia: R.T. Edwards, 2005, pp

Unreported Beer Sales Business owner reports only $50,000 business income, but has expensive cars, private schools, buying significant real estate. Subpoenaed records of local beer distributors. Then went to the club and ordered some drinks, noting the pricing of the beer, etc. 1,000 cases of Miller’s 24 bottles 24,000 x $2 $48,000 per year Found that reported sales were underreported by $500,000. Mark Kohn, “Unreported Income and Hidden Assets,” Forensic Accounting in Matrimonial Divorce, Philadelphia: R.T. Edwards, 2005, pp

Home Improvements Massive improvements to personal home, not paid for by personal funds. Company showed many corporate payments to home remodeling contractors/landscapers. But the industrial park not owned by company. Only photocopies of invoices provided. FC demanded original documents. Finally, the original documents had white-outs of job locations and work descriptions. Could turn over the originals and read the real data from the back side. Mark Kohn, “Unreported Income and Hidden Assets,” Forensic Accounting in Matrimonial Divorce, Philadelphia: R.T. Edwards, 2005, pp

Finding Unreported Income/Hidden Assets
Look at the lifestyles. Look at the expenses. Look at the cash flow. Look at the business operations. Look at the industry ratios. Consider using private investigators. Use the net worth method. Mark Kohn, “Unreported Income and Hidden Assets,” Forensic Accounting in Matrimonial Divorce, Philadelphia: R.T. Edwards, 2005, pp

Fiction v. Reality The main difference between fiction and reality is that instead of using mask and gun, today’s villains use mouse and keyboard. Instead of hiding behind a lamppost in a trench coat and fedora, today’s forensic accountants are more likely to be hiding behind their own computers, searching for clues amid mountains of data. Source; “Book ‘EM! Forensic Accounting in History and Literature,” The Kessler Report, Vol.1, No. 2. “Every investigation I did as a prosecutor, you have a particular target, but it always branches off because something else gets your attention. And that’s what is going to happen with a forensic accountant.” Tom Carlucci: E-library Rueter Library September 20, 2002

Carmichael`s Position
Doug Carmichael, Chief Auditor for PCAOB, faults auditors for not adopting forensic techniques. Carmichael wishes more “test of details,” not relying on test of controls. He wishes more shoe-leather work. Shoe-leather work is what we do! Kris Frieswick, “How Audits Must Change,” CFO, July 2003, p.48

Forensic Accountants “Rather than combing torn clothing,” forensic accountants “comb through corporate books, looking for oddities that could signal swindles,” says Bruce Dubinsky. Investigations can be extremely complex, with crates and crates of documents and thousands of computer files. Investigators look for flags or patterns that would not normally occur. Source: Mark Maremont, “Tyco Is Likely to Report New Woes,” Wall Street Journal, April 30, 2003, p. C-1.

Auditors Blamed: Deep Pockets
Trustee for United Companies (UC) said that Deloitte and Touche was guilty of negligence, malpractice, misrepresentation, breach of duty, and fraud. D & T failed to warn United Companies of all of the losses it would absorb if the people who took out the loans defaulted, because the accounting firm was making millions and millions of dollars in fees. Loan practice called securitization or bundled high-interest loans. $685 million in liability damages. Plaintiff’s Attorney: Role of auditors is to act as watchdogs for companies. “A good watchdog barks when somebody comes into the yard. D & T is supposed to bark when there is a problem.” Defendant’s Attorney: “The problem was much larger than a watchdog could handle. Can a watchdog stop your house from getting hit by a hurricane? Of course not.” Source: Adrian Angelette, “Auditors Blamed, “Baton Rouge Advocate, October 23, 2003, pp. A-1 and a-8

Auditors Blamed (cont.)
As part of the securitization agreement, UC agreed to pay the principal and interest on defaulted loans. Creditors contend that UC failed to account for the interest it was paying, and D&T should have caught the mistake earlier. After UC wrote off $605 million in debt, the company filed for bankruptcy. Confidential mid-court settlement. Source: Adrian Angelette, “United Companies Settlement Reached,” Baton Rouge Advocate, October 31, 2003, pp. A-1 and A-12

Find It, or I’ll Sue Accountants must be attuned to detecting fraud at every level of service, including standard accounting services, compilations, reviews, and bank reconciliations. If there is fraud and you don’t detect it, you are going to be sued, and you will likely lose, as the public perception is the accountant is the watchdog. Robert J. DiPasquale, Parsippany, N.J. Source: H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical Accountant, February 2004, pp

Forensic Accounting Knowledge Base
LAW Investigative auditing Accounting Criminology Forensic Accountant

Threads of Forensic Accounting
Forensic accounting (or at least accounting expert witnessing) can be traced as far back as 1817 to a court decision. [Meyer v. Sefton] In 1824, a young accountant by the name of James McCleland started business in Glasgow, Scotland and issued a circular that advertised various classes of expert witness engagements he was prepared to undertake. In 1856 in England, the audit of corporations became required.

Investigative Accountants
Initially called investigative accounting, many of the forensic techniques, such as the net worth method, were developed by IRS agents to detect tax evaders. Infamous mobster, Al Capone, was caught when Special Agents of the IRS stepped in and charged him with tax evasion. Accountants caused the crime czar’s career to come to an end.

Investigative Techniques
“You know how it goes,” I said. “You get a case. You just keep poking around, see what scurries out.” p. 144. “How,” Susan said, “on earth are you going to unravel all of that?” “Same way you do therapy,” I said. “Which is?” “Find a thread, follow it where it leads, and keep on doing it.” “Sometimes it leads to another thread.” “Often,” I said. “And then you follow that thread.” “Yep.” “Like a game,” Susan said. “For both of us,” I said. Susan nodded. “Yes,” she said, “tracking down of a person or an idea or an evasion.” pp. 270 – 271. Source: R.B. Parker, Widow’s Walk, Berkley Books, 2002.

Al Capone Caper “Perhaps the most celebrated case of an accountant nailing a famous criminal was the case of Al Capone. For all of Capone’s colorful history of violent crime, the FBI could never gather enough evidence to convict him until FBI agent Eliot Ness had an idea. He gathered special agents of the IRS to track the flow of cash from Capone’s illicit activities. When the mobster failed to pay taxes on those earnings, the IRS nailed him for tax evasion. Capone went to jail and was never a factor again. IRS recruitment posters boast till this day: ‘Only an accountant could catch Al Capone.’” Source: “Book ‘Em! Forensic Accounting History and Literature,” The Kessler Report, Vol. 1, No. 2.

Father of Forensic Accounting:
Maurice E. Peloubet (1946) Pretenders: Max Lourie (1953) Robert Lindquist (1986)* * Repeated, First sentence in N. Brennan and J. Hennessy, Forensic Accounting, 2001, p. 5.

The Essence of Forensic Accounting by Maurice Peloubet (1946):
“The preparation of data for and the appearance before government agencies as a witness to facts, to accounting principles, or to the application of accounting principles is essentially forensic accounting practice rather than advocacy.” Modern Version “Let’s face it, we in the forensic profession labor in an obscure corner of the vineyard. We are the carefully selected, trusted, highly trained guardians of one of the last great secrets remaining on the face of the earth - - the $600 billion[now $660], more or less annual problem nobody knows about.” Joseph W. Koletar, Fraud Exposed, John Wiley & Sons, Inc 2003, p. 228.

Fictional Hero “Forensic accounting is turning up more frequently in the world of fiction, too. The financial intrigue of fraud and the investigative process of forensic accounting are a natural fit with mystery of suspense novels. Add exotic locations, colorful characters and a murder or two, and you have all the elements of a classic thriller. There is a selection of books featuring forensic accountants as the heroes of their own stories, as well. Lenny Cramer, perhaps the most prominent of this fictional group, is the star of a series of novels written by I.W. Collett and various co-authors. In one of these novels, Cramer tracks forged receipts to uncover a plot to steal Burmese religion treasures. Another features Cramer, while conducting an audit at Coca-Coca, uncovering a scheme to steal the company’s secret formula. In yet another, Cramer uses his forensic accounting skills to solve a series of murders in the New York art world.” Source: “Book ‘em! Forensic Accounting in History and Literature,”The Kessler Report, Vol. 1, No. 2.

Panel on Audit Effectiveness
In 1998, the Public Oversight Board appointed the Panel on Audit Effectiveness to review and evaluate how independent audits of the financial statements of public companies are performed and to assess whether recent trends in audit practices serve the public interest. In 2000, the Panel issues a 200-page report, Report and Recommendations, which includes a recommendation that auditors should perform forensic-type procedures during every audit to enhance the prospects of detecting material financial statement fraud. Did not believe a GAAS audit should become a fraud audit. In all audits the degree of audit effort in forensic- type steps should be more than inconsequential [p. 24].

Audit Tests The Panel on Audit Effectiveness recommended that surprise or unpredictable elements should be incorporated into audit tests, including: Recounts of inventory and unannounced visits to locations Interviews of financial and nonfinancial client personnel in different locations Requests for written confirmations from client employees regarding matters about which they have made representations to the auditors Tests of accounts not normally preformed annually Tests of accounts traditionally or frequently deemed “low risk”

AICPA Fraud Task Force Report
In 2003, the AICPA’s Litigation and Dispute Resolution Services Subcommittee issued a report of its Fraud Task Force entitled, “Incorporating Forensic Procedures in an Audit Environment.” The report covers the professional standards that apply when forensic procedures are employed in an audit and explains the various means of gathering evidence through the use of forensic procedures and investigative techniques.

Forensic-Type Organizations
American College of Forensic Examiners (2750 E. Sunshine, Springfield, MO 65804; ; DABFA and Cr.FA; 2000) Certified Fraud Examiners (Association of CFEs, The Gregor Bldg., 716 West Avenue Austin, TX 78701; ; Certified Insolvency and Reorganization Accountant (CIRAs). Accountants, lawyers, consultants included in insolvency and bankruptcy matters. 3-part exam. 4,000 hours AIRA, 221Stewart Avenue, Suite 207, Medford, Or Society of Financial Examiners. Financial examiners of insurance companies, banks, savings & loans, and credit unions. About 1, Grace Blvd., Altamonte Springs, Fl Certified Forensic Financial Analyst (NACVA, Salt Lake City, Utah 84106; ). Also, Certified Fraud Deterrence (CFD) analyst. National Litigation Support Services Association (NLSSA, III East Wacker Drive, Suite 990, Chicago, IL 60601; ). Not-for-profit. About 20 firms. $1,825. Canadian Institute of Chartered Accountants (CICA) – CA.IFA – Alliance for Excellence in Investigative Accounting. Certified Forensic Investigator (CFI) – Canada Early 1980’s. Certified Fraud Specialist (CFS), not-for-profit, educational anti-fraud corporation located in Sacramento, Calif., for those dealing in white-collar crime, fraud, and abuse issues. Association of Certified Fraud Specialists.

Ink Analysis Martha Stewart was undone by a blue ballpoint pen.
Stockbroker belatedly inserted a note to help cover up Ms. Stewart’s improper stock trading. Blue ballpoint ink used is different from ink elsewhere on the trading worksheet. Prosecutors used forensic ink analysis in Rite Aid case to show that certain documents were backdated (ink used to sign letter was not commercially available until 3 months after the letter was dated). Xerox laser printers now encode the serial number of each machine in tiny yellow dots in every printout, nestled within the printed words and margins. It tracks back to you like a license plate. Advice for fraudsters: use pencils. Source: Mark Maremont, “In Corporate Crimes, Paper Trail Often Leads to Ink Analysts’ Door,” Wall Street J., July 1, 2003, p. A-1.

Deductive vs. Inductive
Deductive: one goes from general to specific; fairly simple and economical. Inductive: one starts with specific experiences and then draws inferences. Deductive Approach Inductive Approach Generic data mining Custom data mining Digital analysis Analysis of all data Discovery sampling Generic software Custom software For smaller organizations For larger organizations Basic features Sophisticated features Easy to learn Requires advanced skills Relatively inexpensive More expensive Source: W.S. Albrecht and C.C. Albrecht, “Root Out Financial Deception,” Journal of Accountancy (April 2002), p. 33.

Benford’s Law 0= ----- 1= 30.1% 2= 17.6% 3= 12.5% 4= 9.7% 5= 7.9%
Distribution of initial digits in natural numbers is not random Predictable patterns: There is software to detect potentially invented numbers in many situations. Compare actual frequency with Benford’s frequency. 0= ----- 1= 30.1% 2= 17.6% 3= 12.5% 4= 9.7% 5= 7.9% 6= 6.7% 7= 5.8% 8= 5.1% 9= 4.6% 12% % 11.4% % 10.9% % 10.4% % 10% % 9.7% % 9.3% % 9% % 8.8% % 8.5% %

Benford’s Law Uses Investments sales/purchases Check register.
Sales history/Price history. 401 contributions. Inventory unit costs. Expenses accounts. Wire transfer information. Life insurance policy values. Bad debt expenses. Asset/liability accounts. Source: Richard Lanza, “Digital Analysis- Real World Example,” IT Audit, July 1, 1999,pp. 1-9.

Federal Sentencing Guidelines Monitoring Mechanism
Systems reasonably designed to detect criminal conduct by its employees and other agents and by having in place and publicizing a reporting system whereby employees and other agents could report criminal conduct by others within the organization without fear of retribution. FCPA Sec. 8A1.3(k)(5). The U.S. Supreme Court has overturned some of these concepts. Look for Congress to take action.

Some accountants believe that ethics is a place in England.
Fraud Some accountants believe that ethics is a place in England. Essex, U.K. A statement made by Mark Twain about New England weather applies to fraud and corruption: “It’s hard to predict, but everyone agrees there’s plenty of it.” As Sherlock Holmes said, “the game is afoot.” Read My Lips; It’s The Fraud, Stupid.

Termites, Rust, and Fraud
Just as termites never sleep, fraud never sleeps. Just like termites, fraud can destroy the foundation of an entity. Like rust, fraud never sleeps. Auditing without forensic techniques is like trying to live without water.

Sarbanes-Oxley Act (7-30-2002)
Most significant change since 1934 Securities Exchange Act New five-member Public Company Accounting Oversight Board (PCAOB) Authority to set and enforce auditing, attestation, quality control and ethics (including independencies) standards for auditors of public companies. Empowered to inspect the auditing operations of public accounting firms that audit public companies as well as impose disciplinary and remedial sanctions for violations of the board’s rules, securities laws and professional auditing and accounting standards. Rotation of lead audit partner every five years. For now no requirement to rotate auditing firm

Sarbanes-Oxley Act (7-30-2002)
Eight types of services outlawed: Bookkeeping. Information systems design and implementation Appraisals or valuation services, fairness opinions, or contribution-in-kind-reports. Actuarial services Internal audit outsourcing Management and human resources services Broker/dealer, investment adviser, and investment banking services Legal or expert services related to audit services Applies to foreign accounting firms filing with SEC. to get free subscription to PCAOB Update.

Sarbanes-Oxley Act of 2002 If you are going to be an auditor, you have to be an auditor, not an auditor and a consultant [Senator Jack Reed]. In order to be independent, an accounting firm should not Audit ones own work. Function as part of management or an employee. Act as an advocate. No limitations are placed upon accounting firms in providing non-audit services to public companies they do not audit or any private companies. Audit services and non-audit services (e.g., tax) must be pre-approved by the audit committee, if not prohibited by the Act (before the non-audit service commences). Auditor must report to the audit committee on a timely basis. Cooling off period of one year for hiring an auditor if CEO and other senior officers worked for the auditor. There is no requirement to rotate the auditors. There is discussion of requiring a forensic audit irregularly. Harvey Pitt suggested this proposal.

Sarbanes-Oxley (contd.)
Many of the Sarbanes-Oxley’s provisions became effective July 30, 2002. The Network Thus, SEC will control the accounting standards, not the AICPA. Auditors to report to audit committee, and audit committee must approve all services. Crime to corruptly alter, destroy, mutilate, or conceal any document with the intent to impair the object’s integrity or availability (up to 20 years). Statute of limitations for the discovery of fraud is now two years from the date of discovery and 5 years after the act. Maximum penalty for mail and wire fraud is increased from 5 to 10 years. Financial statement filed with SEC: certified by CEO and CFO. Maximum penalties for willful and knowingly violation: fined not more than $5 million and/or imprisonment of up to 20 years. Sense of Congress: CEO should sign the Federal income tax return.

Sarbanes-Oxley Act Creates Need For Forensic Accounting
To assist corporations in their quest to ensure compliance with the mandates of S-O. Public accounting firms must introduce forensic techniques into audits, and they may request help from forensic experts. Robbers do not need guns. Pencil and paper will do. Opportunity and greed are thievery’s driving forces. Put enough zeroes behind a number, and it’s amazing how flexible morals become. How many years in prison would you do to accumulate a half a billion dollars in your bank account? John H. Bolt

Section 404-Sarbanes-Oxley
Beginning June 2004, large companies must have in place tight internal controls, assess the effectiveness of these controls annually (and issue a report of their effectiveness), and pay for an independent assessment by external auditors. Need an internal control framework (e.g., COSO or similar). Companies are paying steep fees to fund the PCAOB. Audit fees have increased by as much as 30% since S/O.

Six-Legged Table of Financial Statements
External Auditors Audit Committee Top Management Board of Directors Internal Auditors External Auditor PCAOB and SEC In a baseball analogy, think of the pitcher as the auditee, the catcher as the internal auditor, the manager as top management, the scorekeeper as the external auditor, and the umpire would be PCAOB(SEC). The scoreboard could be the general ledger. The Big “R”

COSO CUBE (5 components of internal controls)

HIERARCHY OF INTERNAL CONTROL NEEDS

The COSO Model Control environment – management’s attitude toward controls, or the “tone at the top.” Risk assessment – management’s assessment of the factors that could prevent the organization from meeting its objectives. Control activities – specific policies and procedures that provide a reasonable assurance that the organization will meet its objectives. The control activities should address the risks identified by management in its risk assessment. Information and communication – system that allows management to evaluate progress toward meeting the organization’s objectives. Monitoring – continuous monitoring of the internal control process with appropriate modification made as deemed necessary.

COSO New Cube: Enterprise Risk Management
Source: erm.coso.org. See Apostolou and Crumbley, “ Sarbanes-Oxley Fall-out Leads to Auditing Standards No. 2: Importance of Internal Controls,” The Value Examiner, November/December 2004, pp

Management Control Philosophy
Fraudulent Financial Reporting more likely to occur if Firm has a poor management control philosophy. Weak control structures. Strong motive for engaging in financial statement fraud. Poor management philosophy: Large numbers of related party transactions. Continuing presence of the firm’s founder. Absence of a long-term institutional investor. Source: Paul Dunn “Aspect of Management Control Philosophy that contributes to fraudulent Financial Reporting,” Journal of Forensic Accounting, Vol. IV (2003), pp

Risk Assessment Benefits
A major step in a forensic audit is to conduct a risk assessment, which entails a comprehensive review and analysis of program operations in order to determine where risks exists and what those risks are. Any operation developed during the risk assessment process provides the foundation or basis upon which management can determine the nature and type of corrective actions needed. A risk assessment helps an auditor to target high-risk areas where the greatest vulnerabilities exist and develop recommendations to strength internal controls Source: B.l. Derby, “Data Mining for Improper Payments,” Journal of Government Management, Winter 2003, Vol.52, No. 4, pp

Fraud Risk-Assessment Process
1. Organize the assessment – integrate into organization’s existing business cycle or establish a separate cycle. 2. Determine areas to assess – conduct at company wide, business-unit, and significant-account levels. 3. Identify potential schemes and scenarios – typically affecting the industry or locations. Fraudulent financial reporting. Misappropriation of assets. Expenditures and liabilities for an improper purpose (cash kickbacks and corruption). Organization commits a fraud against employees or third parties. Tax fraud. Financial misconduct by senior management.

Fraud Risk-Assessment Process
4. Assess likelihood of fraud Remote (1 out of 20) Reasonably possible Probable 5. Assess significance of risk Inconsequential More than inconsequential Material 6. Link antifraud controls – identify the control activities for fraud risks that are both more than likely to occur and more than inconsequential in amount. 7. Apply assessment results to the audit plan – consider and document the results of the fraud assessment when developing the audit plan. Source: Jonny Frank, “Fraud Risk Assessments,” Internal Auditor, April, 2004, pp

FEI’s Costs of Compliance
Source: Financial Executive Institute FEI’s Costs of Compliance Revenue First-Year Costs First-Year Hours Less than $25 million $.28 million 1,996 $25 to $99 million $.74 million 3,080 $100 to $499 million $.78 million 5,118 $500 to $999 million $1.04 million 6,950 $1 to $4.9 billion $1.83 million 13,355 Over 5 billion $4.67 million 41,201 Source: Financial Executive Institute Audit fees have increased about 50%. First year spending around $10 billion. Steve Watkins, “For Some, SOX Is No Hassle at All,” IBD, January 14, 2005, p. A6. About $100,000 each year for insuring Board members. Bob Ross: Section 404 of SOX, which requires companies to document their controls, cost his company (Urban Outfitters) at least a penny per share in 2004, turning his job into a “struggle to explain common sense.” Tim Reason, “Feeling the Pain,” CFO, May 2005, p. 51.

Using Work of Specialists (SAS No.73)
Specialist defined: a professional service firm or individual who possesses special skills or knowledge in a particular field other than accounting and auditing To reply on specialist’s findings, auditor Must understand the objectives and scope of work performed. Assumptions used must be clear to auditor. Auditor must consider the appropriateness of utilizing the specialists findings. Auditor must test the data that client provides to the specialist. Auditor must evaluate whether findings support the assertions in the financial statements. If specialist’s findings inconsistent, SAS No.73 provides additional procedures which auditor must follow. Auditor will need copies of work-papers of specialists.

Fraud is Possible The motto of a fraudster:
Anything is possible. The impossibility simply takes longer. Biggleman’s Safe – a safe builder wrote blueprints of a unbreakable safe and locked the blueprints inside the safe. Internal controls can be broken, often by top executives. Just as a pitcher tries to fool batters, financial statements may be misleading or wrong.

Michael Comer’s Types of Fraud
Corruptions (e.g., kickbacks). Conflicts of interest (e.g., drug/alcohol abuse, part-time work). Theft of assets. False reporting or falsifying performance (e.g., false accounts, manipulating financial results). Technological abuse (e.g., computer related fraud, unauthorized Internet browsing). Comer’s Rule: Fraud can happen to anyone at anytime. Source: M.J. Comer, Investigating Corporate Fraud, Burlington, Vt.: Gower Publishing Co., 2003, pp. 4-5.

The McKesson’s Massive Fraud
In 1938, police discovered a massive fraud at McKesson & Robbins, a big drug company traded on the New York Stock Exchange and audited by Price Waterhouse. Executives at McKesson embezzled more than $18 million, hiding their theft by creating a fake division. The fictitious unit represented almost one-fifth of McKesson’s total assets, but Price Waterhouse somehow had managed to miss the fact that it didn’t exist. (Clues to the fraud included a shipment that supposedly had been sent from Canada to Australia – by truck.) Alex Berenson, The Number, Random House, 2003, p.33

Starwoods Hotels Poll of Executives
Starwoods Hotels interviewed 401 top executives who golf. The results are surprising. Consider themselves to be honest in business 99% Played with someone who cheats at golf 87% Cheated themselves at golf 82% Hated others who cheated at golf Believe that business and golf behaviors are parallel 72% Source: Del Jones, “Many CEOs Bend The Rules (of Golf),” USA Today, June 26, 2002, p. A-1.

The Cost of Fraud Organizations lose 6 percent of annual revenue to fraud and abuse. Fraud and abuse costs U.S. organizations more than $660 billion annually ($4,500 per employee). The average organization loses more than $12 a day per employee due to fraud and abuse. Source: 2004 Wells Report

The Cost of Fraud (cont.)
Over 90% of occupational frauds involve asset misappropriations. Average length of a fraud scheme is 18 months. Most common way of detecting occupational fraud is by tips from employees, customers, vendors, or anonymous sources. Second way, internal audit. Third most common detection: accident. The most targeted asset is cash. Source: 2004 Wells Report

Ernst & Young 2002 Survey More than 20 percent of the respondents were aware of fraud in their workplace. Nearly 80 percent would be willing to turn in a colleague thought to be committing a fraudulent act. Employers lose a staggering 20 percent of every dollar earned to some type of workplace fraud. More frequently committed frauds are theft of office items, claiming extra hours worked, inflating expense accounts, and taking kickbacks from suppliers. Women are more likely than men to report fraudulent activities. Older employees were more likely to report fraudulent activities than younger employees. Ernst & Young. “American Works: Employers Lose 20 Percent of Every Dollar to Work Place Fraud.” (2002) Available at

Undiscovered Fraud Howard R. Davia believes there are three groups of fraud: Group 1: 20% of fraud discovered. Group 2: Fraud discovered, but not made public (40%). Group 3: Fraud not yet detected (40%). Source: H.R. Davia, Fraud 101, John Wiley, 2000, pp

The Trillion Dollar Gorilla
(in Billions) U.S. Business1 $ Federal Government State Government Tax-exempts Local Government Annual Fraud (trillion) $ 1.053 2002 Statistics of Income, $1,281.6 trillion time 20%. $ trillion budget times 10% $3,542.1 million times 10% $897 billion in revenue times 15%. $684.6 billion times 10%.

Fraud Multiplier Employee Fraud = $ for $ reduction in net income
Suppose $100,000 bottom line reduction. Suppose 20% profit margin How much new revenue needed to offset the lost income? $100,000 = $500,000 20% So ACFE says $660 billion lost per year. $660 billion = $3.3 trillion needed revenue 20%. This amount lost to fraud and abuses is twice the size of the U.S. military budget.

Put Fraud In Perspective
The Iraq War may cost as much as $200 billion. Since fraud and abuse reduce the bottom lines of businesses as much as $660 billion per year (assuming a tax rate of 30%), the federal government loses in taxes each year $198 billion. So in less than 13 months, stopping fraud and abuse would pay for the Iraqi war.

Advantage of Compliance Spending
General Counsel Roundtable says that each $1 of compliance spending saves organizations, on the average, $5.21 in heightened avoidance of legal liabilities, harm to the organization’s reputation, and lost productivity. Source: Jonny Frank, “Fraud Risk Assessments,” Internal Auditor, April 2004, p. 47.

2003 PricewaterhouseCooper Survey
Survey to several hundred of the largest companies (with 91 responses). Half of the detected economic crimes at responding companies were found by auditors, but it did not distinguish between internal audits. Another 36 percent of the frauds were reported by whistle-blowers Although 76 percent of the United States respondents were covered by insurance, fewer than half were able to recover from their insurers. And less than a third of insured companies affected by fraud collected more than 20 percent of the amount lost. The average amount lost was $2.2 million, and the highest levels of economic crime were reported in Africa and North America (including Canada and the United States). Source: J.D. Glater, “Survey Finds Fraud’s Reach in Big Business”

Scienter Necessary To prove any type of fraud, prosecutors must show that scienter was present. That is, the fraudster must have known that his or her actions were intended to deceive. Important to know that fraud is not limited by amount but rather by intent. If someone’s intent was to defraud someone of $10 or $10 million, it is still fraud. Staff Accounting Bulletin No. 99 If someone makes an incorrect entity of $10,000 (against GAAP) to give a company the one cent to meet its earnings target, such an entry is a material misrepresentation.

Fraud Legally, Black’s Law Dictionary defines fraud as:
All multifarious means which human ingenuity can devise, and which are resorted to by one individual to get an advantage over another by false suggestions or suppression of the truth, and includes all surprise, trick, cunning or dissembling, and any unfair way by which another is cheated. The four legal elements to fraud are A false representation or willful omission regarding a material fact. The fraudster knew the representation was false. The target relied on this misappropriation. The victim suffered damages or incurred a loss. Institute of Internal Auditors definition: Any illegal acts characterized by deceit, concealment, or violation of trust. These acts are not dependent upon the applications to obtain money, property, or services; to avoid payment or loss of services; or to secure personal or business advantage.

Superseded SAS No. 82 Accounting Fraud Referred To As “Misstatement”
Misstatements arising from fraudulent financial reporting are intentional misstatements or omissions of amounts or disclosures in financial statements to deceive financial statement users. Three most important red flags according to external/internal auditors (total of 40.1%): Known history of securities law violations (14.6%) Significant compensation tied to aggressive accounting practices (12.9%) Management’s failure to display appropriate attitude about internal controls (12.6%) Source: B.A Apostolou et.al, “The Relative Importance of Management Risk Factors,” Behavioral Research in Accounting, January 1, 2001, pp

Engagement Letters Are Important
For claims to Continental Casualty Company the national provider of CPA malpractice insurance, in : Tax, 48% Compilation and bookkeeping, 15% Consulting, 11% Audit, 10% Fiduciary, 6% All Others, 5% Most accounting malpractices claims involve inadequate documentation. In claims re business tax, 54% of the time no engagement letter. For individual tax claims, no engagement letters 78% of the time. Estate-related tax services, none, 63%. The most costly malpractice claims area is audit practice. Almost 40% of all audit claims allege that an auditor either failed to detect fraud or failed to inform the client of internal control weakness to reduce the risk of fraud. Source: Joseph Wolfe, “Accounting for Malpractice,” AICPA,

COSO’s Most Common Fraud Methods
Overstatement of earnings. Fictitious earnings Understatement of expenses. Overstatement of assets. Understatement of allowances for accounts receivables. Overstatements of the value of inventories by not writing down the value of obsolete goods. Overstatement of property values and creation of fictitious assets.

COSO’s Major Motives for Fraud
Cover up assets misappropriated for personal gain. Increase the stock price to increase the benefits of insider traders and to receive higher cash proceeds when issuing new securities. Obtain national stock exchange listing status or maintain minimum exchange listing requirements to avoid de-listing. Avoiding a pretax loss and bolstering other financial results.

COSO Survey (1999) Financial pressures were important contributory factors for the commitment of financial statement fraud (FSF). Top executives (e.g., CEOs, CFOs) were commonly involved in FSF. The majority of alleged FSF were committed by small companies. Board of directors and audit committees of the fraud companies were weak and ineffective. Adverse consequences for fraud companies were bankruptcy, significant changes in ownership, and delisting by national stock exchanges. Cumulative amounts of FSF were relatively significant and large. More than half of the alleged FSF involved overstatement of revenues. Most FSF were not isolated to a single fiscal period. Fifty-five percent of the audit reports issued in the last year of the fraud period contained unqualified opinions. The majority of the sample fraud companies (56 percent) were audited by Big Eight/Big Five auditing firms.

Business Fraud Survey (1999)
Nearly 15 percent reported management misappropriation as the greatest fraud risk to their organization. Sixty percent of the respondent reported their department’s fraud risk analysis process as being reactive in nature. The majority of respondents (72 percent) reported that their organization did not have fraud detection and deterrence programs in place. The majority of respondents (68 percent) reported that they never felt pressured to compromise the adherence to their organization’s standard of ethical conduct. The majority of the respondents reported their organization’s external auditors as being ineffective in preventing and detecting fraud. The majority of the respondents believed that more budgets should be devoted to fraud-related activities and training in department. The Institute of Management and Administration (IOMA) and the Institute of Internal Auditors(IIA). “Business Fraud Survey.” (1999). Available at

Fraudulent Disbursements
Fraudulent disbursements account for three-quarters of the losses, and the most expensive tend to be fraudulent disbursements through billing schemes (45%). Therefore, internal auditors seeking to get the biggest bang for their investigative bucks should begin by making sure company vendors are for real. Check tampering (30%). Source: J.T. Wells, “An Unholy Trinity,” Internal Auditor, April 1998, p. 33.

The Methods Asset misappropriation accounted for more than four out of five offenses (92.7%). $93,000 Bribery and corruption constituted about 30.1 % of offenses. ($250,000) Fraudulent statements were the smallest category of offense 7.9% (most costly). $1 million per scheme. Source: 2004 Wells Report

Restatements of Financial Statements
2004 414 2003 323 2002 270 2001 1999 216 1998 158 Reasons for 2004 restatements: Revenue recognition. Equity accounting. Revenues, accruals, contingencies. 15% were repeat filers. Arthur Andersen had averaged 11 restatements before In 2002, they had 40, with 26 after new auditors were retained. Source: “An Analysis of Restatement Matters,” Huron Consulting Group,

Triple Fraud Sting A Michigan woman received an from a Nigerian asking her to set up a bank account in the U.S. in order to help him steal $18 million. She set up the bank account (to help pay the so-called bribes and fees) by allegedly embezzling $2 million from her employer during seven months in 2002. Guess what? She never received a penny. She was indicted on 13 counts of wire fraud. Fraud schemes are much like derivatives. They spring up, die out, and new ones are started each week. Source: Kim Komando, “Delete These Scams – Now,” MSN Business, Reviewed June 15, 2003.

Rite Aid Fraud Case Former CEO Martin Glass bragged that the computer used to generate backdated letters had disappeared at sea. “They have no computer. The letters that were done on the computer…they do not have and never will have, unless they use a Trident submarine.” Wrong. President Timothy Noonan was wearing a wire. He recorded 6 meetings over 10 weeks. Federal investigators heard everything. CFO Franklyn Bergonzi: Obtained $30 million in extra profits by dunning Rite Aid’s suppliers for merchandise that was supposedly outdated or damaged (but not so). Another $75.6 million came from rebates from pharmaceutical firms that had yet to be earned. Failed to report certain expenses properly. Increased the useful life of some assets. The financial restatements wiped out $1.6 billion in profits. Martin L. Glass was sentenced to 8 years, and his CFO was sentenced to 2 years and 4 months. Source: Mark Maremont, “Call To Account: Rite Aid Case Gives Early View of Fraud on Trial,” Wall Street J., June 11, 2003, p. A-6.

One Piece at a Time

One Piece At A Time Well, I left Kentucky back in '49 An' went to Detroit workin' on a 'sembly line The first year they had me puttin' wheels on cadillacs Every day I'd watch them beauties roll by And sometimes I'd hang my head and cry 'Cause I always wanted me one that was long and black. One day I devised myself a plan That should be the envy of most any man I'd sneak it out of there in a lunchbox in my hand Now gettin' caught meant gettin' fired But I figured I'd have it all by the time I retired I'd have me a car worth at least a hundred grand. CHORUS I'd get it one piece at a time And it wouldn't cost me a dime You'll know it's me when I come through your town I'm gonna ride around in style I'm gonna drive everybody wild 'Cause I'll have the only one there is a round. So the very next day when I punched in With my big lunchbox and with help from my friends I left that day with a lunch box full of gears Now, I never considered myself a thief GM wouldn't miss just one little piece Especially if I strung it out over several years.

One Piece At A Time The first day I got me a fuel pump And the next day I got me an engine and a trunk Then I got me a transmission and all of the chrome The little things I could get in my big lunchbox Like nuts, an' bolts, and all four shocks But the big stuff we snuck out in my buddy's mobile home. Now, up to now my plan went all right 'Til we tried to put it all together one night And that's when we noticed that something was definitely wrong. The transmission was a '53 And the motor turned out to be a '73 And when we tried to put in the bolts all the holes were gone. So we drilled it out so that it would fit And with a little bit of help with an A-daptor kit We had that engine runnin' just like a song Now the headlight' was another sight We had two on the left and one on the right But when we pulled out the switch all three of 'em come on. The back end looked kinda funny too But we put it together and when we got thru Well, that's when we noticed that we only had one tail-fin About that time my wife walked out And I could see in her eyes that she had her doubts But she opened the door and said "Honey, take me for a spin." .

One Piece At A Time So we drove up town just to get the tags And I headed her right on down main drag I could hear everybody laughin' for blocks around But up there at the court house they didn't laugh 'Cause to type it up it took the whole staff And when they got through the title weighed sixty pounds CHORUS I got it one piece at a time And it didn't cost me a dime You'll know it's me when I come through your town I'm gonna ride around in style I'm gonna drive everybody wild 'Cause I'll have the only one there is around. (Spoken) Ugh! Yow, RED RYDER This is the COTTON MOUTH In the PSYCHO-BILLY CADILLAC Come on Huh, This is the COTTON MOUTH And negatory on the cost of this mow-chine there RED RYDER You might say I went right up to the factory And picked it up, it's cheaper that way Ugh!, what model is it? Well, It's a '49, '50, '51, '52, '53, '54, '55, '56 '57, '58' 59' automobile It's a '60, '61, '62, '63, '64, '65, '66, '67 '68, '69, '70 automobile.

Missing Fraud Auditors will continue to miss fraud because much of their work is predicted on the assumption that separation of duties prevents fraud (i.e., one person hold the money and another person keeps track of it). The Equity Funding case shakes the foundations of auditing in that so much is based on the assumption that people don’t collude very long. These people work together as an efficient team for a very long time [9 years]. Lee Seidler

The Perpetrators First-time offenders.
Losses from fraud caused by managers and executives were 3.5 times greater than those caused by non-managerial employees. Losses caused by men were 3 times those caused by women. [53% males; 47% females] Losses caused by perpetrators 60 and older were 27 times those caused by perpetrators 25 or younger. Losses caused by perpetrators with post-graduate degrees were more than 3.5 times greater than those caused by high school graduates. Source: 2002 ACFE Report

White-collar criminals have these characteristics:
Likely to be married. Member of a church. Educated beyond high school. No arrest record. Age range from teens to over 60. Socially conforming. Employment tenure from 1 to 20 years. Acts alone 70% of the time. Source: Jack Robertson, Fraud Examination for Managers and Auditors (1997).

Other Characteristics of Occupational Fraudsters:
Egotistical Risk taker Hard Worker Greedy Disgruntled or a complainer Overwhelming desire for personal gain Pressured to perform Inquisitive Rule breaker Under stress Financial need Big spender Close relationship with vendors / suppliers Source: Lisa Eversole, “Profile of a Fraudster,” Some Fraud Stuff,

Quotes Source: Robert J. Lindquist
To be a forensic auditor, you have to have a knowledge of fraud, what fraud looks like, how it works, and how and why people steal. Source: Robert J. Lindquist "Finding fraud is like using a metal detector at a city dump to find rare coins. You're going to have a lot of false hits." - D. Larry Crumbley “Fraud can be best prevented by good people asking the right questions at the right time.” - Michael J. Comer

“Finding fraud is like trying to load frogs on to a wheelbarrow.”
Larry Crumbley

Fraud Catching D. Larry Crumbley
Finding fraud is like trying to herd cats and chickens. There is a chicken catching machine (150 chickens per minute),* but there is no perfect fraud catching machine. D. Larry Crumbley * PH2000 mechanical chicken harvester. Scott Kilman, “Poultry in Motion: Chicken Catching Goes High Tech,” Wall Street Journal, June 4, 2003, p. A-1. Human can catch about 1,000 an hour. $200,000 cost.

How Fraud Is Detected Tips (39.6%). Internal audit (23.8%).
By accident (21.3%) Internal controls (18.4%). External audits (10.9%). Notification by police (0.9%) Source: 2004 Wells Report.

Finding Fraud In The Midst of a Conspiracy
When speaking about the fraud of HealthSouth, a spokesman for Ernst & Young emphasized the difficulty of detecting accounting fraud in the midst of a conspiracy of senior executives and false documentation. An accountant testified that HealthSouth employees would move expenses of $500 to $4,999 from the income statement to the balance sheet throughout the year. Overall the SEC said about $1 billion in fixed assets were falsely entered. The employees moved only those expenses less than $5,000, because Ernst & Young automatically looked at those expenses over $5,000. An ex-bookkeeper even sent Ernst & Young an flagging one area of the fraud, but E & Y still did not catch it. Employees actually produced false invoices when the accounting firm asked for back-up. Source: Charles Mollenkamp, “Accountant Tried in Vain to Expose HealthSouth Fraud,” Wall Street Journal, May 20, 2003, pp. A-1 and A-13.

Quotes You should attack fraud problems the way the fictional Sherlock Holmes approached murder cases D. Larry Crumbley To be a good fraud auditor, you have to be a good detective. Source: Robert J. Lindquist

Difficult Task More forensic techniques should become a part of both external and internal auditing. But Stephen Seliskar says that “in terms of the sheer labor, the magnitude of effort, time and expense required to do a single, very focused [forensic] investigation -- as contrasted to auditing a set of the financial statements -- the difference is incredible.” It is physically impossible to conduct a generic fraud investigation of an entire business. Source: Eric Krell, “Will Forensic Accounting Go Mainstream?” Business Finance Journal, October 2002, pp

Stealth Once a forensic accountant [e.g., Cr.FA, CFE, CFFA] is engaged, Michael Kessler says that they should not be disruptive. Most employees are not aware that an investigation is taking place. We go in as just another set of auditors, favoring a Columbo-esque investigative style. “We don’t wear special windbreakers that say ‘forensic accountant.’” Source: Eric Krell, “Will Forensic Accounting Go Mainstream?” Business Finance Journal, October 2002, pp

D.R. Cressey’s Fraud Pyramid
Don’t think you’re the only ones Who bend it, break it, stretch it some. We learn from you. Girls lie, too Terri Clark

Kessler Survey (2001) About 13% of employees are fundamentally dishonest. Employees out-steal shoplifters. About 21% of employees are honest. But 66% are encouraged to steal if they see others doing it without repercussion. Source: “Studies Show 13% of employees are fundamentally dishonest,” KesslerNews, November 1, 2001, 30% of people in U.S. are dishonest. 30% situational dishonest. 40% are honest all of the time. Source: R.C. Hollinger, Dishonesty in the Workplace, Park Rider, N.Y.: London House Press, 1989, pp. 1-5.

Little Has Changed: CFO Survey
Nearly half of CFOs – 47 percent – report they still feel pressure from their superiors to use aggressive accounting to make results look better. What is worrisome is that the pressure to make the numbers hasn’t abated much. Of these who have felt pressure in the past, only 38 percent think there is less pressure today than there was three years ago, and 20 percent say there is more. Few finance executives have much confidence in the numbers their colleagues are reporting. Only 27 percent say that if they were investing their own money, they would feel “very confident” about the quality and completeness of information available about public companies. Source: Don Durfee, “It’s Better (and Worse) Than You Think,” CFO Magazine, May 3, 2004.

SAS No. 99 Characteristics of Fraud
Incentives / pressures Attitude / Rationalization Opportunity

Fraud Pyramid Motive Opportunity Rationalization
Excessive spending to keep up appearances of wealth. Other, outside business financial strains. An illicit romantic relationship. Alcohol, drug or gambling abuse problems. Opportunity Lack of internal controls. Perception of detection = proactive preventative measure. Rationalization “Borrowing” money temporarily. Justifying the theft out of a sense of being underpaid.(“I was only taking what was mine”) Depersonalizing the victim of the theft. (I wasn’t stealing from my boss; I was stealing from the company.”)

Greed “I don’t see many ways to eliminate greed; it is an inherent part of the human character. So antifraud measures must be aimed at educating people on the risks and the type of technical controls that they can implement.” Alan Oliphant Source: David G. Banks, “The Fight Against Fraud,” Internal Auditor, April 2004, pp “It was definitely the perfect fraud…….. unfortunately they hired the perfect investigator.” Cartoon in M.J. Comer’s book

Example of Greed (or Incentive)
Three Duke Energy employees were charged in April 2004 for allegedly ginning up “phony electricity and material-gas trades to boost trading volumes” and inflating “profits in a trading book that was the basis of their annual profits.” “The trading schemes are alleged to have inflated their bonuses by at least $7 million” between March 2001 and May There were 400 rigged trades that produced a $50 million profit in the trade books. Duke used mark-to-market accounting to record profit and loss contracts that might not be settled for years. So called “round-trips trades (or wash sales) were used to jack up reported trading volumes. Source: Rebecca Smith, “Former Employees of Duke Charged Over Wash Trades,” WSJ, April 22, 2004, p. A-15.

KPMG’s Causes or Indicators of Fraud (1998)
Personal financial pressure. Substance abuse. Gambling. Real or imagined grievances. Ongoing transactions with related parties. Increased stress. Internal pressures to meet deadlines/budgets. Short vacations. Unusual hours. Source: KPMG’s 1998 Fraud Survey

Rationalization Sherron Watkins provides an excellent comment about rationalization with respect to Enron’s Jeff Skilling and Andy Fastow. At what point did they turn crooked? “But there is not a defining point where they became corrupt. It was one small step after another, with more and more rationalizations. There was a slow erosion of values over time.” Source: Pamela Colloff, “The Whistle-Blower,” Texas Monthly, April 2003, p. 141.

Fraud’s Fatal Failings
85% of fraud victims never get their money or property back. Most investigations flounder, leaving the victims to defend for themselves against counter-attacks by hostile parties. 30% of companies that fail do so because of fraud. Source: Michael J. Comer, Investigating Corporate Fraud, Burlington, VT: Gower Publishing, 2003, p. 9.

The company’s stance on fraud and other breaches of the ethical code.
Anti-Fraud Strategy The company’s stance on fraud and other breaches of the ethical code. What will be done and by whom in the case that frauds or other breaches are suspected. The key initiatives which the company proposes; Who will lead these initiatives. Clear deadlines and measures for monitoring effectiveness of implementation. Source: David Davies, Fraud Watch, 2nd Edition., London, ABG Professional Information, 2000, p. 77.

Several Strategies Establishment of responsible corporate governance, a vigilant board of directors and audit committees, diligent management, and adequate and effective internal audit functions. Utilization of an alert, skeptical external audit function, responsible legal counsel, adequate and effective internal control structure, and external regulatory procedures. Implementation of appropriate corporate strategies for correction of the committed financial statement fraud, elimination of the probability of its future occurrences, and restoration of confidence in the financial reporting process Financial statement fraud occurs when one or a combination of these strategies are relaxed due to self-interest, lack of due diligence, pressure, over-reliance, or lack of dedication. Source: Crumbley, Razaee, Ziegenfuss, U.S. Master Auditing Guide, Chicago, CCH, pp

SAS No. 99: Brainstorming Aims to make the auditor’s consideration of fraud seamlessly blended into the audit process and continually updated until the audit’s completion. Brainstorming is now a required procedure to generate ideas about how fraud might be committed and concealed in the entity. No ideas or questions are dumb. No one owns ideas. There is no hierarchy. Excessive note-taking is not allowed. Source: Michael Ramos, “Auditors’ Responsibility for Fraud Detection,” J. of Accountancy, January, 2003, pp. 28 – 36.

More Brainstorming Best to write ideas down, rather than say them out loud. Take plenty of breaks. Best ideas come at the end of session. Important to not define the problem too narrow or too broad. Goal should be quantity, not quality. Geniuses develop their most innovative ideas when they are generating the greatest number of ideas. No such things as bad ideas. Many companies are great at coming up with good ideas, but lousy at evaluating an implementing them. Source: A.S. Wellner, “Strategies: A Perfect Brainstorm,” Inc. Magazine, October 2003, pp

Potential Pitfalls Group domination: one or two participants dominating the process can quickly squelch the creative energies of the groups as a whole, reducing the likelihood the team will identify any actual fraud risks. Social loafing: participants disengage from the process, expecting other team members to pick up the slack. Groupthink: team members become so concerned with reaching consensus that they fail to realistically evaluate all ideas or suggestions. Group shift: avoid allowing the team to take an extreme position on fraud risk. Source: M.S. Beasley and J.G. Jenkins, “A Primer for Brainstorming Fraud Risks,” Journal of Accountancy, December 2003, pp

Three Types of Brainstorming
Open brainstorming: unstructured; few rules; free-for-all; someone should record ideas. Round-robin brainstorming: start with no talking, silent period; assigned homework ahead; each individual presents own ideas; each member has a turn. Electronic brainstorming: shortens meetings, increases ideas, and reduces personalizing ideas because an idea’s author remains anonymous. Source: M.S. Beasley and J.G. Jenkins, “A Primer for Brainstorming Fraud Risks,” Journal of Accountancy, December 2003, pp

How Management Overrides Controls (SAS No. 99)
Recording fictitious journal entries (especially near end of quarter or year). Intentionally biasing assumptions and judgments used to estimate accounts (e.g., pension plan assumptions or bad debt allowances). Altering records and terms related to important and unusual transactions.

Bias Assumptions There are almost as many oil/gas reserve definitions as there are countries. During the first week of January 2004, Royal Dutch/Shell Group slashed its estimates of oil reserves by 20% or about 3.9 billion barrels of oil. Stock fell 9%. Shell, Exxon/Mobil, and Chevron/Texaco make the estimates themselves. By the end of 2002, a total of 4.47 billion barrels cut; another 1.4 billion barrel cut in 2003. Source: Susan Warren and P.A. Mckay, “Methods for Citing Oil Reserves Prove Unrefined,” Wall Street Journal, January 14, 2004, p. C-4. Chip Cummins, “Shell Slashes Oil Reserves Again, News Overshadows Profit Surge,” WSJ, February 4, 2005, p. A-3

Shell Board Kept In the Dark
One memo drafted on February 11, 2002, warned that about one billion barrels of oil-equivalent reserves appeared not to be in compliance with SEC guidelines. Board learned of information only in early January 2004. Chairman Sir Philip was ousted in early March 2004. Most of the misstated reserves were recorded from 1997 to 2000, when Sir Philip was in change of exploration and production. Oil/gas reserves were increased (not by discovery) by changing its accounting. Source: Stephen Labaton and Jeff Gerth, “At Shell, New Accounting and Rosier Oil Outlook,” New York Times, March 12, 2004, pp. A-1 and C-4.

Wildcatting The SEC has recently adopted the proactive strategy of “wildcatting” where investigations into entire industries and business sectors are begun after evidence emerges from only one company in the group regarding financial reporting problems. Over time, the PCAOB will probably be able to identify peculiarities within existing or evolving industries that require either standard setting or regulatory attention, or both. Source: Berton, L., “U.S. Accounting Watchdogs Try to Shut Barn Door,” Bloomberg.com, April 2, 2004; J.H. Edwards, “Audit Committees: The Last Best Hope,” Journal of Forensic Accounting, Vol. IV (2004), pp

Journal Entries at Year End: Those Magic Changes
Apparently, Arthur Andersen was given limited access to the general ledger at WorldCom, which had a $11 billion fraud (largest accounting fraud in history). Most of the original entries for online costs were properly placed into expense accounts. However, near the end of the period these entries were reversed. One such entry was as follows: Other Long-term Assets $629,000,000 Construction in Progress $142,000,000 Operating Line Costs $771,000,000 The support for this entry was a yellow post-it note. WorldCom’s outside auditors refused to respond to some of Cynthia Cooper’s questions and told her that the firm had approved of some of the accounting methods she questioned.

Those Magic Changes: Yellow Peril
Fourth Quarter of 1999: "The $239 million [international line cost accrual release] was entered in WorldCom's general ledger ... The only support recorded for the entry was '$239,000,000,' written on a Post-it Note and attached to a printout of the entry." Third Quarter of 2001: "Myers gave Sethi a Post-it Note that said 'Assume $742 million.' Later, Myers and Sethi had a conversation confirming that $742 million identified on the Post-it Note was the line cost capitalization entry for the quarter.” Those Magic Changes “Oh my heart arranges, oh those magic changes, oooh yeah.” Grease

Yellow Peril First Quarter of 2002: "In Capital Reporting, Myers told Sethi to go see Vinson, who would have the amount to be capitalized. When Sethi did so, Vinson handed him a Post-it Note that had the $818 million adjustment on it. Brian Higgins once again refused to make the necessary allocation for the first-quarter 2002 capitalization entry. Despite his growing concerns, Sethi made the allocation because he was concerned that his immigration status would be jeopardized if he lost his job." First Quarter 2002: "$109.4 million was taken from the general accrual account that Vinson set up and reclassified to several SG&A balance sheet accounts in five large, round-dollar amounts. The only supporting documentation that we were able to locate for these entries was a Post-it Note listing the various SG&A accounts and the amounts that should be taken from the Vinson account."

WorldCom Fraud Massive
At least 40 people knew about the fraud. They were afraid to talk. Scott Sullivan handed out $10,000 checks to 7 involved individuals. Altered key documents and denied Andersen access to the database where most of the sensitive numbers were stored. Andersen did not complain about denied access. Company officials decided what tax rates they wanted and then used the reserves to arrive at the tax rates. Source: Rebecca Blumenstein and Susan Pullian, “WorldCom Fraud Was Widespread,” Wall Street J., June 10, 2003, p. 3.

Computer Forensics “ Today’s Sergeant Joe Friday does not write in a small notebook in the course of solving crimes; he now reconstructs the data from imaging hard drives.” Source: Joe Anastasi, The New Forensics, John Wiley & Sons, 2003. “Corporate criminals don’t always tell the truth. Their computers usually do.” Thomas Talleur, KPMG

Computer Forensics “I need you to step away from your computer please,” Lee Altschuler said. Morgan Fay’s chief financial officer glanced up from her computer screen. She regarded the man standing at her office doorway for a moment. “Excuse me?” Cindy Shalott asked. “We’d like you to please conclude your business for the day.” Lee Altschuler said. “I’d appreciate it if you could complete whatever you’re doing as quickly as you can. Please leave your computer in the way that it is now. Don’t turn it off.” The chief financial officer swung her desk chair around. “Just move away from your computer please,” Altschuler repeated. “Who are you?” Cindy Shalott asked. Source: Joe Anastasi, The New Forensics, John Wiley & Sons, 2003, p. 91

Data Mining Found WorldCom Mess
Auditors should perform all of the analytics themselves, and they must be educated in fraud detection and introduced to data mining techniques. When the concept of data mining is brought up, audit managers cringe and argue that they cannot afford to employ statisticians. However, while there is data mining software that requires a statistician’s level of expertise (such as IBM’s Intelligent Miner), there also are products, such as WizSoft Inc., that can be employed by most auditors who are acquainted with the fundamentals of Microsoft Office and who are curious as to why they obtained their audit results. Source: Bob Denker, “Data Mining and the Auditor’s Responsibility,” Information Systems Audit and Control Association InfoBytes.

Fraudulent financial reporting may occur by the following:
Manipulation, falsification, or alteration of accounting records, or supporting documents from which financial statements are prepared. Misrepresentation in or intentional omission from the financial statements of events, transactions, or other significant information. Intentional misapplication of accounting principles relating to amounts, classification, manner of presentation, or disclosure. Source: SAS No. 99, “Consideration of Fraud in a Financial Statement Audit,” New York: AICPA

Falsification Enron’s crude oil trading operation based in Valhalla, New York was fictitious, according to one auditor. “It was pretend. It was a playhouse. There were a lot of expensive people working there, and it was impressive looking, but it wasn’t legitimate work. The traders were keeping two sets of books, one for legitimate purposes – to show Enron and auditors from Arthur Andersen – one other set in which to record their ill-gotten gains. Source: Mimi Swartz and Sherron Watkins, Power Failure, New York: Doubleday, 2003, p.31.

SAS No. 99 Ways to Overcome the Risk of Management Override of Controls
Examining journal entries and other adjustments. Reviewing accounting estimates for bias, including a retrospective review of significant management estimates. Evaluating the business rationale for significant unusual transactions.

Parmalat Deceptions Parmalat, an Italian diary company, had a nonexistence Bank of America bank account worth $4.83 billion. A SEC lawsuit asserts that Parmalat “engaged in one of the largest and most brazen corporate financial frauds in history.” Apparently, the auditors Grant Thornton relied on a fake Bank of America confirmation prepared by the company. SAS No. 99 does not prohibit clients from preparing confirmations. The fraud continued for more than a decade. At least $9 billion unaccounted for. Therefore, the audited company should not be in control of the confirmation process. The owner treated the public company as if it was his own bank account. An unaware phone operator was the fake chief executive of more than 25 affiliated companies. Some $3.6 billion in bonds claimed to be repurchased had not really been bought.

Examples Enron issued $1.2 billion of stock to special purpose entities and recorded a $1.2 billion notes receivable (rather than a contra account to stockholders equity). Both assets and owners equity were overstated by $1.2 billion. HealthSouth allegedly overstated profits by at least $14 billion by billing Medicare for physical – therapy services the company never performed. The company submitted falsified documents to Medicare to verify the claims over 10 years. E&Y collected $2.6 million from HealthSouth (as audit-related fees) to check the cleanliness and physical appearances of 1,800 facilities. A 50- point checklist was used by dozens of junior-level accountants in unannounced visits. For 2000, E&Y audit fee, $1.03 million; other fees, $2.65 million.

TRUTH Given the right pressures, opportunities, and rationalizations, many employees are capable of committing fraud. Bev Harris says that fraudsters and embezzlers are the nicest people in the world: Wide-eyed mothers of preschoolers. Your best friend. CPAs with impeccable resumes. People who profess deep religious commitments. Your partner. Loyal business managers who arrive early, stay late, and never take a vacation. And sometimes, even FAMILY MEMBERS. So if you’re looking for a sinister waxed mustache and shifty eyes, you’re in for a surprise – scoundrels come in every description. Source: “How to Unbezzle A Fortune,” p. 1.

Comparison of Auditing and Forensic Examination
Issue Audit Forensic Examination Timing Recurring: audits are conducted on a regular basis Nonrecurring: fraud examinations are nonrecurring. They are conducted only with sufficient predication. Scope General: collection of sufficient, competent data to support the opinion rendered. Specific: the fraud examination is conducted to resolve specific allegations. Objective Opinion: express opinion on financial statements Affix blame: determine if fraud occurred and who is responsible. Adversarial in nature. Methodology Audit techniques applied primarily to financial data. Fraud examination techniques include document examination, public record searches, and interviews. Presumption Professional skepticism Proof to support or refute an allegation of fraud. Source: Apostolou, B, “Course : Fundamentals of Fraud Detection and Prevention,”

Financial Audit v. Forensic Audit
The typical financial audit is a sampling activity that doesn’t look at every transaction and can therefore be exploited by someone who knows how to rig the books. Forensic accounting focuses on a specific aspect of the books and examines every digit. While the average accountant is trying to make everything add up, a forensic accountant is performing a detailed financial analysis to find out why everything doesn’t or shouldn’t add up. It’s a far more time-consuming enterprise and can be significantly more expensive than regular auditing work. Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,

Financial Audit v. Forensic Audit
“ During one investigation, we found in the auditing working papers written in the margin of the internal audit working papers by the internal audit manager: ‘Conceal from bankers,’ says Nicholas L. Feakins, CPA, partner at San Mataeo, Calif based forensic accounting firm Feakins & Feakins. “ It sounds amazing, but the [third-party] auditors has put B-level staff on the project who simply didn’t read the documents and missed it.” MiniScribe, one of the world’s largest disk-drive makers, which in the late 1980s was surreptitiously shipping bricks instead of disk drives to the Far East and receiving credit from the bank for the amount of the shipments. “After all,” he says “it’s going to be 90 days until they ship the brick back to you. “MiniScribe’s public accounting firm, Coopers & Lybrand, didn’t catch the false-revenue scam during its regular audits-but a forensic accountant did.” Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,

Bridging the Gap Forensic accountants play a key role in bridging the gap between an audit and an investigation. Every audit cannot, and should not be conducted as a full-fledged forensic investigation. GAAS states, “An auditor typically works within economic limits; the auditor’s opinion, to be economically useful, must be formed within a reasonable length of time and at reasonable cost.” [SAS No. 31] Forensic investigations also may be subject to such constraints, but the parameters are often vastly different. As a result, a forensic investigation might represent a large multiple, in both cost and elapsed time, of what an audit would normally entail. This approach will undoubtedly reduce the likelihood of undetected fraud. However, such an approach also might reduce the likelihood of completing the engagement in time for meeting the filing deadline for an SEC Form 10-K. [SAS No. 99]

Traditional Audit Traditional Investigation Pre SAS 99 Auditing Standards Consulting Standards SAS 99 Traditional Investigation Forensic Procedures in the Audit Environment Post SAS 99 Auditing Standards Consulting Standards Source:AICPA, “Forensic Services, Audits, and Corporate Governance: Bridging the Gap,” Discussion Memorandum, 2004.

Steps Toward Forensic Audit
Traditional audit [forensic techniques & fraud prevention program]. If suspect fraud, bring in-house forensic talent into the audit. If no in-house talent or fraud complex, engage an outside forensic accountant (e.g., Cr.FA, CFFA, or CDF). As audit moves toward forensic investigation, auditor must comply with litigation services standards (consulting).

Materiality Unimportant
“Auditing is governed by materiality. In investigative accounting, it is the opposite. I am looking for one transaction that will be the key. The one transaction that is a little different, no matter how small the difference, and that will open the door.” Lorraine Horton, owner of L. Horton & Associates in Kingston, R.I. “Fraud usually starts small. It begins with little amounts, because the perpetrator is going to test the system. If they get away with it, then they keep on increasing and increasing it.” Robert J. DiPasquale Source: H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical Accountant, February 2004, pp

Forensic Accounting v. Auditing
“Forensic accounting is very different from auditing in that there is no template to use. There are no set rules. You don’t know when you go into a job how it is going to be.” Lorraine Horton, Kingston, R.I “Forensic accounting “is a very competitive field. What is interesting is that you may be a good accountant, but not a good forensic accountant. The training and the way you look at transactions are different.” Robert J. DiPasquale, Parsippany, N.J. “Unlike auditing, lower-level staff often can’t be used for an engagement. They normally will not spot anything out of the ordinary, and an experienced person should be the one testifying as well as doing the investigative work.” Lorraine Horton, Kingston, R.I. Source; H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical Accountant, February 2004, pp

Poster Child For Overregulation?
The PCAOB believes that an attestation is an expert’s communication of a conclusion about the reliability of someone else’s assertion (e.g., a financial statement audit is a form of attestation). [p. A-6] S-O Act Section 404(b) states that an auditor’s attestation of management’s assessment of internal controls is not a separate engagement. Instead, PCAOB states that an “integrated audit results in two audit opinions: one on internal control over financial reporting and one on the financial statements.” Both require the same level of work. PCAOB 2004 Budget: $103 million. PCAOB 2005 Budget: $152.8 million Source: PCAOB Release , March 9, 2004

Internal Controls Not Perfect
Even the PCAOB believes that internal controls “cannot provide absolute assurance of achieving financial reporting objectives because of inherent limitations (e.g., a process that involves human diligence and compliance can be intentionally circumvented).” [p. A-12]. Source: PCAOB Release , March 9, 2004

Auditing Internal Controls
Planning the engagement; Evaluating management’s assessment process; Obtaining an understanding of internal control over financial reporting; Testing and evaluating design effectiveness of internal control over financial reporting; Testing and evaluating operating effectiveness of internal control over financial reporting; Forming an opinion on the effectiveness of internal control over financial reporting. Source: PCAOB Release , A-17.

PCAOB endorses the COSO Cube [pp. 24-26 and A-25 and A-26]
Anti-Fraud Program An auditor must perform “company-wide anti-fraud programs and controls and work related to other controls that have a pervasive effect on the company, such as general controls over the company’s electronic data processing.” Further, the auditor must “obtain directly the ‘principal evidence’ about the effectiveness of internal controls.” PCAOB endorses the COSO Cube [pp and A-25 and A-26] Source: PCAOB Release

Walkthroughs An auditor must perform a walkthrough of a company’s significant processes (each major class of transactions). Can not be achieved secondhand. According to PCAOB, in a walkthrough an auditor traces “company transactions and events – both those that are routine and recurring and those that are unusual – from origination, through the company’s accounting and information systems and financial report preparation processes, to their being reported in the company’s financial statements.” Auditors should perform their own walkthroughs which provides auditors with appropriate evidence to make an intelligent assessment of internal controls. Source: PCAOB Briefing Paper, Proposed Auditing Standards, October 7, 2003.

New Terms in Financial Reports: Deficiencies Have No Bright Lines
Control deficiency – one that might allow a bad number to get into the financial reports (e.g., the likelihood that a company misstates reports is remote– 1 out of 20) Example: company does not check changes made by a salesman in a minor contract. Significant deficiency – more serious flaw or a number of flaws that increase the chances that wrong numbers will significantly distort financial statements (e.g., more than remote). Example: company not checking for changes to terms of several key contracts. Need only to report to BOD, but some companies are making them public.

Deficiencies Have No Bright Lines
Material weakness – deficiencies are so bad that there is more than a remote change of a material misstatement in financial statements. Example: a bank does not regularly check for errors in estimating loan-loss expenses (i.e., Fannie Mae reported a $1.3 billion error from its computer model, many in an uncontrolled environment). They must be reported. David Henry, “How Clean Are the Books?” Business Week, March 7, 2005, pp

Numerous Material Weaknesses
Of 233 companies reporting material weaknesses, 88 companies (38%) cited tax as the area of deficiency. Bob Ross, Urban Outfitters, says with a 40% effective rate, if there is an error in tax it will have a material effect of the financials. Tim Reason, “Feeling the Pain,” CFO, May, 2005, p. 55.

Material Weaknesses: Adverse Opinion
PCAOB provides several strong indicators that material weaknesses exist in internal controls: Ineffective oversight of the company’s external financial reporting and internal control over financial reporting by the company’s Board of Directors. Board of Directors must be responsible for evaluating the performance and effectiveness of the audit committee. Material misstatement in the financial statements not initially identified by the company’s internal controls. Significant deficiencies that have been communicated to Board of Directors and the audit committee but that remain uncorrected after a reasonable period of time. Source: PCAOB Release , pp

Parallel Universe: Two Opinions
External auditors must do a regular audit of a company (e.g., financial statements are fairly stated) and must also audit the internal controls that are to ensure that the financial statements are accurate (e.g., issue two opinions). Prior to the external auditors’ arrival, the company itself must review its internal controls and issue a report on the effectiveness of these controls. There will be two external opinions: on management’s assessment of the internal controls over financial reporting and another one on the effectiveness of the internal controls themselves (e.g., statements are fairly stated). PCAOB Release

Financial Statement Assertions
For each significant account, an auditor should determine the relevance of each of these financial statement assertions: Existence or occurrence Completeness Valuation or allocation Rights and obligations Presentations and disclosure. Source: PCAOB Release , A-33

Slot Machine Example

Revenue Flows

Wandering Around Informal observations while in the casino.
Especially valuable when assessing the internal controls. Observe employees while entering and leaving work and while on lunch break. Observe posted material, instructions, job postings. Observe information security and confidentiality. Observe the compliance with procedures.

Reducing External Auditing Fees: PCAOB
An auditor's own work must provide the principal evidence for the auditor's opinion is one of the boundaries within which the auditor determines the work he or she must perform himself or herself in the audit of internal control over financial reporting. In all audits of internal control over financial reporting, an auditor must perform enough of the testing himself or herself so that the auditor's own work provides the principal evidence for the auditor's opinion. The auditor may, use the work of others to alter the nature, timing, or extent of the work he or she otherwise would have performed.

As these factors increase in significance, the need for the auditor to perform his or her own work on those controls increases. As these factors decrease in significance, the need for the auditor to perform his or her own work on those controls decreases. The materiality of the accounts and disclosures that the control addresses and the risk of material misstatement. The degree of judgment required to evaluate the operating effectiveness of the control (that is, the degree to which the evaluation of the effectiveness of the control requires evaluation of subjective factors rather than objective testing). The pervasiveness of the control. PCAOB Release

Reducing External Auditing Fees: PCAOB (cont.)
The level of judgment or estimation required in the account or disclosure. The potential for management override of the control. PCAOB Release

If internal auditors have performed an extensive amount of relevant work and the auditor determines they possess a high degree of competence and objectivity, the auditor could use their work to the greatest extent an auditor could use the work of others. On the other hand, if the internal audit function reports solely to management, which would reduce internal auditors' objectivity, or if limited resources allocated to the internal audit function result in very limited testing procedures on its part or reduced competency of the internal auditors, the auditor should use their work to a much lesser extent and perform more of the testing himself or herself. PCAOB Release

The auditor should test some of the work of others to evaluate the quality and effectiveness of the work. The auditor's tests of the work of others may be accomplished by either (a) testing some of the controls that others tested or (b) testing similar controls not actually tested by others. Moral: Reduce external audit fees by beefing up the internal auditing department. PCAOB Release

Test of Detail Because of management overriding controls, substantive analytical procedures alone are not well suited to detecting fraud. The auditor’s substantive procedures must include reconciling the financial statements to the accounting records. The auditor’s substantive procedures must also include reconciling the financial statements to the accounting records. The auditor’s substantive procedures also should include examining material adjustments made during the course of preparing the financial statements. Also, other auditing standards require auditors to perform specific tests of detail in the financial statement audit. For instance, AU sec. 316, Consideration of Fraud in Financial Statement Audit, require the auditor to perform certain tests of detail to further address the risk of management override, whether or not a specific risk of fraud has been identified. Paragraph .34 of AU Sec 330, The Confirmation Process, states that there is a presumption that the auditor will request the confirmation of accounts receivable. Similarly, paragraph .01 of AU Sec. 331, Inventories, states that observation of inventories is a generally accepted auditing procedure and that the auditor who issues an opinion without this procedure ‘has the burden of justifying the opinion expressed.” PCAOB Release , A-66.

Law Suits Few So Far Companies reporting problems with internal controls have not seen a big increase in class-action lawsuits, according to a study by Deloitte & Touche between November 2003 and August 2004. Deloitte said only 6% of the 290 companies reporting internal-control flaws were sued. 52% of the firms had material weakness in their internal controls. These internal control announcements did not seem to send prices downward. Highest incidence of internal controls: -computer-software firms -manufacturers -health-care and pharmaceutical companies. - financial-services firms -telecommunication companies. The newsletter Compliance Week said that 582 companies acknowledged problems in 2004. Source: Judith Burns, “Few Firms Are Sued Over Flaws in Internal Controls, Study Finds, WSJ, December 29, 2004, p. B-5.

AICPA Audit Committee Toolkit
“In some situations, it may be necessary for an organization to look beyond the independent audit team for expertise in the fraud area. In such cases, CPA forensic accounting consultants can provide additional assurance or advanced expertise, since they have special training and experience in fraud prevention, deterrence, investigation, and detection. Forensic accounting consultants may also provide fresh insights into the organization’s operation, control systems, and risks. The work of forensic accounting consultants may also provide comfort for the organization’s CEO and CFO, who are required to file certifications under Sarbanes-Oxley.”

Types of Forensic Engagements
Determine if fraud is occurring. Support criminal or civil action against dishonest individuals. Form a basis for terminating a dishonest employee. Support an insurance claim. Support defense of an accused employee. Determine whether assets or income were hidden by a party to a legal proceeding (such as a bankruptcy or divorce). Identify internal controls to prevent it from happening again. Source: D.R. Carmichael, et. al, Fraud Detection, 5th, Fort Worth: Practitioners Publishing, 2002, p. 2 – 4.

Two Major Types of Fraud Investigations
Reactive: Some reason to suspect fraud, or occurs after a significant loss. Proactive: First, preventive approach as a result of normal operations (e.g., review of internal controls or identify areas of fraud exposure). There is no reason to suspect fraud. Second, to detect indicia of fraud. Source: H.R. Davia, “ Fraud Specific Auditing,” Journal of Forensic Accounting, Vol. 111, 2002, pp

Proactive vs. Reactive Approaches
Proactive approaches include Effective internal controls, Financial and operational audits, Intelligence gathering, Logging of exceptions, and Reviewing variances. Reactive detection techniques include Investigating complaints and allegations, Intuition, and Suspicion. Jack Bologna and Robert Lindquist, Fraud Auditing and Forensic Accounting, 2d Edition, New York: John Wiley, 1995, p. 137.

Fraud Deterrence Review
Analysis of selected records and operating statistics. Identify operating and control weaknesses. Proactively identify the control structure in place to help prevent fraud and operate efficiently. Not an audit; does not express an opinion as to financial statements. May not find all fraud especially where two or more people secretively agree to purposely deceive with false statements or by falsifying documents. [Always get a comprehensive, signed engagement letter defining objectives.]

Swimming Lanes X Mary Larry Jane Sam Controls Cash Entries in Books
Deposits Checks Does Reconciliation Controls Account Receivable

GAP Analysis Actual Internal Controls
Organization’s Stated Internal Controls Best Practices Internal Controls

Inexperienced Forensic Auditors
Find out who did it. Do not worry about all the endless details. Be creative, think like the fraudster, and do not be predictable. Lower the auditing threshold without notice. Take into consideration that fraud often involves conspiracy. Internal control lapses often occur during vacations, sick outages, days off, and rest breaks, especially when temporary personnel replace normal employees. H. R. Davia, Fraud 101, New York: John Wiley & Sons, 2000, pp

How Fraud Occurs Source: KPMG Fraud Study

Types of Fraud Source: KPMG Fraud Study

Certain Fraud is Increasing
Source: KPMG Fraud Study

Measures Helpful in Preventing Fraud
Strong Internal Controls (3.66) Willingness of companies to prosecute (3.44) Regular fraud audit (3.40) Fraud training for auditors (3.33) Anonymous fraud reporting mechanisms (3.27) Background checks of new employees (3.25) Established fraud policies (3.12) Ethical training for employees (2.96) Workplace surveillance (2.89) Source: 2004 Wells Report

Executions for Fraud? In September 2004, Wang Liming, a onetime accounting officer at China Construction, and two other bank employees were executed for defrauding the bank of $2.4 million. In an unrelated corruption case, an officer at the Zhuhai branch of the Bank of China was put to death. John Goff, “Bank Fraud Brings Executions,” CFO, November 2004, p.20.

Auditors Must be Alert for:
Concealment Collusion Evidence Confirmations Forgery Analytical relationships Source: Gary Zeune, “The Pros and Cons.” “Things are not what you think they are.” Al Pacino, “The Recruit.”

SAS No. 99 Recommendations
Brainstorming. Increased emphasis on professional skepticism. Discussions with management. Unpredictable audit tests. Responding to management override of controls.

Internal Auditors and Fraud Detection
The Institute of Internal Auditors’ Due Professional Care Standard (Section 280) assigns the internal auditor the task of assisting in the control of fraud by examining and evaluating the adequacy and effectiveness of the internal control system. However, Section 280 says that management has the primary responsibility for the deterrence of fraud, and management is responsible for establishing and maintaining the control systems. In general, internal auditors are more concerned with employee fraud than with management and other external fraud.

When Fraud Is Discovered
Notify management or the board when the incidence of significant fraud has been established to a reasonable certainty. If the results of a fraud investigation indicate that previously undiscovered fraud materially adversely affected previous financial statements, for one or more years, the internal auditor should inform appropriate management and the audit committee of the board of directors of the discovery. A written report should include all findings, conclusions, recommendations, and corrective actions taken. A draft of the written report should be submitted to legal counsel for review, especially where the internal auditor chooses to invoke client privilege.

Audit Committee The audit committee is the subcommittee of an organization’s board of director’s charged with overseeing the organization’s financial reporting and internal control processes. The audit committee’s biggest responsibility is monitoring the component parts of the audit process. The board of directors and its representative audit committee should oversee (1) the integrity, quality, transparency, and reliability of the financial reporting process; (2) the adequacy and effectiveness of internal control structure in preventing, detecting, and correcting material misstatements in the financial statements; and (3) the effectiveness, efficacy, and objectivity of audit functions.

Audit Committee Red Flags
Independence of audit committee from management. The clarity with which the audit committee’s responsibilities are articulated, such as in the charter, and how well the audit committee and management understand those responsibilities; The audit committee’s interactions and involvement with the independent and internal auditor; and Whether the audit committee raises and pursues with management and the independent auditor the appropriate questions, including questions that indicate an understanding of the critical accounting policies and judgmental accounting estimates.

Management’s Role The Sarbanes-Oxley Act of 2002 mandates that CEOs and CFOs certify in periodic reports containing financial statements filed with the SEC the appropriateness of financial statements and disclosures. In March 2005, the SEC said that executives are gatekeepers. Thus, an executive can be in trouble if in a position to detect wrongdoing below them and do not move forcefully to prevent the fraud. It does not matter if the executive has been lied to. An executive has the responsibility to cut through the lies and try to root out the truth. Carol. J. Loomis, “The SEC Turns the Screws on Gatekeepers,” Fortune, April 18, 2005, p. 38.

Pressures On All Sides CEOs are now being squeezed as a result of SOX by BODs, auditors, and lawyers because these watchdogs are finally facing genuine liability for their failures. These watchdogs are trying to protect their hides. Arthur Andersen is out of business, and directors at WorldCom and Enron are paying off fraud claims out of their own pockets. Hank Greenberg, former Chairman and CEO of AIG said that the balance of power in corporate America has shifted. Diane Brady and Joseph Weber, “The Boss on the Sidelines,” Business Week, April 25, 2005, p. 88.

CEO Duality Eight of the ten recent scandals had board chairs who were also CEO: Enron 5. HealthSouth Adelphia 6. Quest Tyco 7. Homestore Waste Management 8. Sunbeam WorldCom and Global Crossing had different Chairman and CEO. Aging Board of Directors. “Easier for Management to get away with misdeeds.” Enron’s Audit Committee chairman was 72. “They can be hard of hearing.” Nearly 10% of directors in the S & P’s 500 stock index are 70 or over. Source: Louis Lavelle, “Directors: Know When to Fold Them, “Business Week, May 24, 2004, p.14.

Audit Tests The Panel on Audit Effectiveness recommended that surprise or unpredictable elements should be incorporated into audit tests, including: Recounts of inventory and unannounced visits to locations Interviews of financial and nonfinancial client personnel in different locations Requests for written confirmations from client employees regarding matters about which they have made representations to the auditors Tests of accounts not normally preformed annually Tests of accounts traditionally or frequently deemed “low risk”

SAS No. 99: SKEPTICISM An attitude that includes a questioning mind and a critical assessment of audit evidence. An auditor is instructed to conduct an audit “with a questioning mind that recognizes the possibility that a material misstatement due to fraud could be present, regardless of any past experience with the entity and regardless of the auditor’s belief about management’s honesty and integrity.”

SKEPTICISM Ronald Reagan said with respect to Russia, “Trust, but verify.” FA’s motto should be “Trust no one; question everything; verify.” This ain’t my first rodeo. I didn’t make it all the way through school But my mama didn’t raise no fool. I may not be the Einstein of our time But honey, I’m not dumb, and I’m not blind. Vern Gosdin

SAS No. 99: Questions for Management
Whether management has knowledge of any fraud that has been perpetrated or any alleged or suspected fraud. Whether management is aware of allegations of fraud, for example, because of communications from employees, former employees, analysts, short sellers, or other investors. Management’s understanding about the risks of fraud in the entity, including any specific fraud risks the entity has identified or account balances or classes of transactions for which a risk of fraud may be likely to exist. Programs and controls the entity has established to mitigate specific fraud risks the entity has identified, or that otherwise help prevent, deter, and detect fraud, and how management monitors those programs and controls. For an entity with multiple locations, (a) the nature and extent of monitoring of operating locations or business segments, and (b) whether there are particular operating locations or business segments for which a risk of fraud may be more likely to exist. Whether and how management communicates to employees its views on business practices and ethical behavior.

BE SKEPTICAL Assume there may be wrong doing.
The person may not be truthful. The document may be altered. The document may be a forgery. Officers may override internal controls. Try to think like a crook. Think outside the box.

Think Like A Crook Know your enemy as you know yourself, and you can fight a hundred battles with no danger of defeat.” Chinese Proverb. Military leaders study past battles. Football and basketball teams study game films of their opponents. Chess players try to anticipate the moves of their opponent. Examples: If contracts above $40,000 are normally audited each year, check the contracts between $30,000-$40,000. FAs must learn the tricks of the trade as well as the trade.

Think Outside the Box American astronauts returning from space complained that they could not write with their pens in zero gravity. NASA set aside $1 million to develop a sophisticated pen that would function in space. The Russians encountered the same problem. What did they do?

Fraud Awareness Auditing: Unrefined Oil

Thinking as a Forensic Auditor
The Iceberg Theory of Fraud Overt Aspects Hierarchy Financial Resources Goals of the Organization Skills and Abilities of Personnel Technological State Performance Measurement Structural Considerations Water line Covert Aspects Attitudes Feelings (Fear, Anger, etc.) Values Norms Interaction Supportiveness Satisfaction Behavioral Considerations Source: G.J. Bologna and R.J. Lindquist, Fraud Auditing and Forensic Accounting, 2nd Edition, New York: John Wiley, 1995, pp

Behavioral Concepts Important
“Not all fraud schemes can effectively be detected using data-driven approaches. Instances of corruption-bribery, kickbacks, and the like – and collusion consistently involve circumvention of controls. Searching relevant transaction data for patterns and unexplained relationships often fails to yield results because the information may not be recorded, per se,by the system. Behavioral concepts and qualitative factors frequently allow the auditor to look beyond the data, both with respect to data that is there and the data that isn’t.” Source: S. Ramamoorti and S. Curtis, “Procurement Fraud & Data Analytics, “Journal of Government Financial Management, Winter 2003, Vol. 52, No. 4, pp

Life Styles For someone who earned a salary of just $1,000 a month, Rana Koleilat managed to live a pretty nice life. She traveled by private jet, took along her servant and hairdresser, and stayed at poshest locality in London and Paris. Back home in Beirut, Lebanon, she lived in three-story penthouse. To anyone who asked how she lived so well, she replied that she had a “rich uncle.” Actually, Koleilat helped manager a private bank in Beirut, and thereby hangs a tale. The chairman of the bank said he lost $1.2 billion, and depositors lost another several hundred million dollars. E.T. Pound, “Following the Old Money Trail,” U.S. News & World Report, April 4, 2005, p. 30

Three Major Phases of Fraud
The Act itself. The concealment of the fraud (in financial statements). Conversion of stolen assets to personal use. One can study any one of these phases. Examples: Things being stolen: conduct surveillance and catch perp. If liabilities being hidden, look at financial statements for concealment. If perp has unexpected change in financial status, look for source of wealth. Source: Cindy Durtschi, “The Tallahassee Bean Counters: A Problem-Based Learning Case in Forensic Audit,” Issues in Accounting Education, Vol. 18, No. 2, May 2003, pp

Be Proactive Fraud hotline (reduce fraud losses by 50% re Wells 2002 Report). Suggestion boxes. Make everyone take vacations. People at top must set ethical tone. Widely known code of conduct. Check those employee references. Reconcile all bank statements. Count the cash twice in the same day. Unannounced inventory counts. Fraud risk assessment (CFD).

Fraud Hypothesis Testing Approach
Here a forensic accountant attempts to pro-actively detect fraud that is still undiscovered by formulating and testing null hypotheses. This proactive technique requires an forensic investigator to Identify the frauds that may exist in a particular situation. Formulate null hypotheses stating that the frauds do not exist. Identify the red flags that each of the frauds would create. Design customized queries to search for the specific red flags or combination of red flags. In a refinery, three authors report that after a formalized pro-active search for red flags, some unknown frauds were discovered. But applying generic data mining programs to the company’s database to detect fraud resulted in a number of Type II errors. So in order to be useful the red flags had to be fraud and company specific. C.C. Albercht, W.S. Albercht, and J.G. Dunn, “Conducting a Pro-Active Fraud Audit: A Case Study,” Journal of Forensic Accounting, Vol. 11, 2000, pp

Fake Diplomas At least 28 high-level federal employees have degrees from bogus colleges or unaccredited schools, only a slice of a problem that ranges from worker quality to national security, congressional investigators say. Three unaccredited schools investigated-Pacific Western University, California Coast University and Kennedy-Western University-reported that 463 current or former students were federal employees. Most of those listed were in the Defense Department. The bill to taxpayers at just two of the schools was $169,471. One of those workers paid $5,000 for a master’s degree from LaSalle University, an unaccredited school unrelated to LaSalle University in Pennsylvania. The worker attended no classes, took no tests and told the GAO his degree was a joke. Source: Ben Feller, “GAO: Some U.S. Workers Have Fake Degree,” Las Vegas Sun, May 11, 2004.

Hot Lines – Sarbanes-Oxley
Audit Committee (AC) must provide a mechanism for employees to remain anonymous when reporting concerns about accounting and auditing problems. AC must provide a process for the receipt, retention, and treatment of complaints regarding accounting problems. Annual report must contain a statement regarding the effectiveness of internal controls. Employees have the right to sue companies for whistle-blowing retaliation. Managers found guilty of retaliation face penalties, including up to 10 years in prison. See The Network,

Fraud Risk Assessment Ernst & Young report found that organizations that had not performed fraud vulnerability reviews were almost two-thirds more likely to have suffered a fraud within the past 12 months. J.W. Koletar, p. 167. A company should have a fraud risk assessment performed of their controls, procedures, systems, and operations. J.W. Koletar, p. 166. Sources: J.W. Koletar, Fraud Exposed, John Wiley & Sons, 2003

Complaints Increasing
Today the SEC is getting 1,300 complaints per day from whistleblowers, compared to 1,300 per year in 1996. Source: Krane, H., “Securities Law Update,” California Lawyer, February 2004.

Some Hints Need to really understand the business unit. What they really do. Rotation of assignments. Have a written/signed ethics policy. Do things differently each time you audit a unit. Do not tell client what you are doing. Hard to find fraud in the books. Look/listen. Look for life style changes. Do not rely on internal controls to deter fraud. Auditors must have control of the confirmation process.

Code of Ethics Required by Sarbanes-Oxley
Section 406: Public issuer has to adopt a code of ethics for senior financial officers to deter wrong –doing and to promote Honest and ethical conduct. Full, fair, accurate, timely and understandable disclosure in SEC filings. Compliance with government laws, rules, and regulations. Prompt internal reporting code violations; Accountability for adherence to the code.

More Hints … Check employee references/resume.
Stop giving the employee/client the answer when you ask a question. Zero tolerance for allowing employee/executive to get away with anything. Try to think like a criminal. Get inside the criminal’s mind. Be a detective. Do not assume you have honest employees. Bond employees. Source: Gary Zeune

Auditing Hints SAS No. 99 does not require auditors to make inquiries of “others,” as opposed to management. Auditors must talk to and interview others below management level. If asked, employees may be willing to report suspicious activities. Use independent sources for evaluating management (e.g., financial analysts). Surf the internet. Auditors need to follow the performance history of managers and directors. If a company has an anonymous reporting system, obtain information about the incidents reported and consider them when assessing fraud risk. Be sure to perform analytical procedures, and the work should be reviewed by senior members of the audit team. Auditors should select sample items below their normal testing scope. Fraud procedures should be more than checklists. Audits should focus on finding and detecting fraud.

Check References and Resume
Fraud 101: Fraudsters can change their job and address, but they can not change who they are.

Run A Criminal-Records Check
Federal Bureau of Prisons-since 1982; Click on “Inmate Info.”, then “BOP Inmate Locator,” free. Crime Time. .com. Click on “Sex Offender Info.,” free. Background Check Gateway Click on “Step 3: Start Your Investigation,” then “Criminal History,” free.

Lavish Executive Pay Many of the companies indicted by the SEC after Enron had one thing in common: CEOs were making about 75% above their peers. The common thread among the companies with the worst corporate governance is richly compensated top executives, as per the Corporate Library, Portland, Maine governance-research firm. Hefty pay checks and perks to current or former chief executives. Poor BODs have in common: an inability to say no to current or former chief executives. Source: Monica Langley, “Big Companies Get Low Marks for Lavish Executive Pay,” Wall Street J., June 9, 2003, p. C-1.

$6,000 Shower Curtain In Dennis Kozlowski’s $18 million apartment on Fifth Avenue in Manhattan paid from Tyco International funds. $6,000 shower curtain in maid’s room. Art work by French Impressionists. $15,000 umbrella stand. $70,000 salary for maid, with two $10,000 bonuses. Borrowed $13.5 million for a yacht and $5 million for a diamond ring for his wife. $2 million birthday party for wife. $30,000 worth of opera glasses. Although a PWC auditor testified that he reviewed some of the disputed loans and compensation, he did not determine if approved by the BOD. “That wasn’t part of our auditing procedures.”

Compensation Facts CEOs compensation components have increased dramatically in the 1990 [mean of $1.68 million in 1992 to 43.2 million in 2000] even after the passage of IRC Section 162 (m) in 1993 [$1 million limit]. Balsam, S An Introduction to Executive Compensation. San Diego, CA: The Academic Press. Compensation increases when the CEO has influence over the outside directors, as measured by the percentage of outside directors appointed by the CEO. Core, J.E, Holthausen, R and Larcker, D Corporate governance, chief executive officer compensation, and firm performance, Journal of Financial Economic 51: CEO compensation is higher when the CEO’s tenure is greater than the chair of the compensation committee. Main, B., O’Reilly, C, and Wade, J The CEO, the board of directors and executive compensation: economic and psychological perspectives, Industrial and Corporate Change 4: The relation between the change in CEO cash compensation and stock returns weaken with tenure. Hill, C. and Phan, P CEO tenure as a determinant of CEO pay. Academy of Management Journal 34: The greater the percentage of outside board members appointed after the CEO, the more likely the CEO will have a golden parachute. Wade, J., O’Reilly, C, and Chandratat, I Golden parachutes: CEOs and the exercise of social influence. Administrative Science Quarterly 35:

To Find Compensation Data

Earnings Management Earnings management may be defined as the “purposeful intervention in the external financial reporting process, with the intent of obtaining some private gain.” – Katharine Schipper, “Commentary on Earnings Management,” Accounting Horizon, December 1989, p. 92.

Taxes Paid on Fraudulent Earnings
27 firms accused by S.E.C. We estimate that the median firm sacrificed eight cents in additional income taxes per dollar of inflated pretax earnings. In aggregate, we estimate that the firms in our sample paid $320 million in taxes on overstated earnings of about $3.36 billion. These results indicate now far managers of firms are willing to go when allegedly inflating earnings. Source: M. Erickson et. al, “How Much Will Firms Pay for Earnings That Do Not Exist? Evidence of Taxes Paid on Allegedly Fraudulent Earnings,” Accounting Review, Vol. 79, No. 2, 2004, pp. 387.

Earnings Management The difference between earnings management and financial statement fraud is the thickness of a prison wall. D. Larry Crumbley The difference between earnings management and financial statement fraud is like the difference between lightning and a lightning bug.

Earnings Management Companies that consist solely of independent directors and meet at least four times a year are likely to have lower non-audit service fees. L.J. Abbott et.al, “An Empirical Investigation of Audit Fees, Non-Audit Fees, and Audit Committees,” Contemporary Accounting Research, Summer, 2003, p. 230. An auditor who is also an industry specialist further enhances the credibility of accounting information (e.g., less earnings management). G.V. Krishnan, “Does Big 6 Auditor Industry Expertise Constrain Earnings Management?” Accounting Horizons, Vol. 17, Supplement 2003, p. 15.

Earnings Management Lower perceptions of earnings quality lead investors to more thoroughly examine a firm’s audited financial statements. A more thorough analysis of a firm’s financial statements lead investors to lower their assessment of the firm’s earnings quality. F.D. Dodge, “Investors perceptions of Earnings Quality, Auditor Independence, and the Usefulness of Audited Financial Information,” p. 46. Found no evidence that short sellers trade on the basis of information contained in accruals. Scott Richardson, “Earnings Quality and Short Sellers,” p. 49.

Earnings Management Small companies tend to more frequently manage earnings to avoid losses than large companies. Auditors type appears insignificant. Brain Lee and Ben Choi, “Company Size, Auditor type, and Earnings Management.” Journal of Forensic Accounting, Vol. 3 (2002), pp

Fraud Identifiers to Spot Fraudsters
Large ego Substance abuse problems or gambling addiction Living beyond apparent means Self-absorption Hardworking/taking few vacations Under financial pressure (e.g., heavy borrowings) Sudden mood changes. Source: G.E. Moulton, “Profile of a Fraudster,” Deloitte Touche Tohatsu,

Types of Financial Statement Fraud Schemes
Three professors have broken financial statement fraud schemes into these ten types: Fictitious and/or overstated revenues and assets (e.g., nonordered or cancelled goods). Sunbeam created revenues by contingent sales, a bill-and-hold strategy, and accelerated sales. Digital Lightware, Inc. recognized fraudulent billings. Premature Revenue Recognition (e.g., holding books open). Misclassified Revenues and Assets (e.g., combining restricted cash accounts with unrestricted cash accounts). School districts and universities may engage in this strategy with dedicated funds. Source: S.E. Bonner, Z. Palmrose, and S.M. Young, “Fraud Types and Auditor Litigation,” The Accounting Review, October 1998, pp

Types of Financial Statement Fraud Schemes (contd …)
Fictitious Assets and/or Reductions of Expenses/Liabilities (e.g., recording consigned inventory as inventory). Cendant Corporation created fictitious revenues, and Knowledge Ware inflated revenues with phony software sales. Overvalued Assets or Undervalued Expenses/Liabilities (e.g., insufficient allowance for bad debts). Omitted or Undervalued Liabilities (e.g., understated pension expenses). Omitted or Improper Disclosures (e.g., stock option expense estimates).

Types of Financial Statement Fraud Schemes (contd …)
Equity fraud (e.g., recording nonrecurring and unusual income or expense in equity). Related-Party Transactions (e.g., fictitious sales to related parties). Enron had many related-party transactions. Financial Fraud Going the Wrong Way (e.g., for tax purposes reducing income or increasing expenses).

Wrong Way Earnings Management
Freddie Mac understated past earnings as much as $5 billion. Certain transactions and accounting policies were “implemented with a view to their effect on earnings” (e.g., to smooth earnings). Restatements will result in higher earnings in prior periods but lower earnings in future periods. Employees appeared to knowingly violate accounting rules in an effort to manipulate earnings. Source: Patrick Barta and J.D. McKinnon, “Freddie Mac Profits May Have Been Low By Up to $4.5 Billion,” Wall Street J., June 26, 2003, pp. C-1 and C-11. Bethany McLean, “The Fall of Fannie Mae,” Fortune, January 24, 2005, pp

Tax Issues The company used a so-called linked swaps to shift at least $420 million into the future. Internal report said the linked swaps had minimal business justifications other than the shifting of operating earnings. CEO Franklin Raines was paid more than $ 60 million over a 6 year period. On Dec. 21, 2004, Raines took early retirement. The Board replaced KPMG as Fannie’s auditor. Source: Dawn Kopecki and J.D. Mckinnon, “IRS Probes Tax Issues at Freddie Mac,” Wall Street Journal, October 22, 2003, p.A-6. Mike McNamee, “Franklin Raines Lost Gamble,” Business Online, December 22, 2004.

Fannie Mae’s Problem Fannie Mae was ordered by the SEC [2004] to a restatement of earnings of $ 9 billion (reducing earnings since 2001). Misuse of hedge-accounting transactions and improper accounting for loans. CFO J. Timothy Howard resigned with an annual pension of $400,000 and lifetime access to Fannie Mae’s Medical benefits. Plus $ 4 million of stock options. CEO Franklin Raines was paid more than $60 million over a 6 year period. On Dec. 21, 2004, Raines took early retirement. $ 1 million annually for life. The Board replaced KPMG as Fannie’s auditor. Source: Bethany McLean, “The Fall of Fannie Mae,” Fortune, January 24, 2005, pp Mike McNamee, “Franklin Raines Lost Gamble,” Business Online, December 22, 2004.

Vendor Allowances In exchange for better shelf space or advertisement mentioning its products, a merchandise vendor will pay stores an extra fee--an allowance often based upon the amount of products sold. Employees at OfficeMax “fabricated supporting documents for approximately 3.3 million in claims billed to a vendor to its retail business.” Six employees were fired, and CEO Christopher Milliken resigned. The SEC sued three former executives in December 2004 at Kmart Holding Corp. for their role in a $24 million accounting fraud that booked these allowances early. The SEC settled a case in October 2004 with Ahold NV involving allegations of fraudulent inflation of promotional allowances at U.S. Foodservice, Inc. unit. Source: David Armstrong, “OfficeMax Results To Be Restated; CEO Steps Down,” WSJ, February 15, 2005, p. A-3.

Seven Investigative Techniques
Public document review and background investigation (non-financial documents). Interviews of knowledgeable persons. Confidential sources. Laboratory analysis of physical and electronic evidence. Physical and electronic surveillance. Undercover operations. Analysis of financial transactions. Source: R.A. Nossen, The Detection, Investigation and Prosecution of Financial Crimes, Thoth Books, 1993.

Financial Fraud Detection Tools
Interviewing the executives Analytics Percentage analysis Horizontal analysis Vertical analysis Ratio analysis Using checklists to help detect fraud SAS checklist Attitudes/Rationalizations checklist Audit test activities checklist Miscellaneous fraud indicator checklist

Investigative Activities
A forensic accountant must be careful not to misrepresent either the identity or the purpose of the contact with a questionable party. Surveillance is not an activity which accountants normally perform (e.g., may need a private investigator’s license). Typical state statute requires a PI license for: “the investigation by a person or persons for the purpose of obtaining information with reference to any of the following: the causes and origin of, or responsibility for, … damage or injuries to real or personal property; the business of securing evidence to be used before investigating committees or boards of award or arbitration or in the trial of civil or criminal cases and the preparation therefore….” In Florida, Legal Opinion 97-9 provides that any person who holds a professional license under the laws of this state, and when such person is providing services or expert advice in the profession or occupation in which that person is so licensed, is exempt from private investigator licensing requirements. Thus, a licensed accountant (e.g., CPA) would be permitted to perform forensic accounting without a private investigator’s license.

Investigative Techniques
Public Document Review Real and personal property records. Corporate and partnership records. Civil and criminal records. Stock trading activities. Check vendors. Laboratory Analysis Analyzing fingerprints. Forged signatures. Fictitious or altered documents. Mirror imaging or copying hard drives/company servers. Use clear cellophane bags for paper documents.

Analytical Procedures
Analytical procedures involve the study or comparison of the relationship between two or more measures for the purpose of establishing the reasonableness of each one compared. Five types of analytical procedures help find unusual trends or relationships, errors, or fraud: Horizontal or Percentage Analysis Vertical Analysis Variance Analysis Ratio Analysis or Benchmarking Comparison with other operating information Source: D.L. Crumbley, J.J. O’Shaughnessy, and D.E. Ziegenfuss, 2002 U.S. Master Auditing Guide, Chicago: Commerce Clearing House, 2002, p. 592.

Sales v. Net Income Forensic accountants should compare the trend in sales with the trend in net income. For example, from 1999 to 2001, HealthSouth’s net income increased nearly 500%, but revenues grew only 5%. On March 19, 2003, the SEC said that HealthSouth faked at least $1.4 billion in profits since 1999 under the auditing eyes of Ernst & Young. The SEC said that HealthSouth started cooking its numbers in 1986, which Ernst & Young failed to find over 17 years. HealthSouth also inflated its cash balances.

Horizontal Analysis Suppose advertising in the base year was $100,000 and advertising in the next three years was $120,000, $140,000, and $180,000. A horizontal comparison expressed as a percentage of the base year amount of $100,000 would appear as follows: Year 4 Year 3 Year 2 Year 1 Dollar Amount $180,000 $140,000 $120,000 $100,000 Horizontal Comparison 180% 140% 120% 100%

Red Flags with Horizontal Analysis
When deferred revenues (on the balance sheet) rise sharply, a company may be having trouble delivering its products as promised. If either accounts receivable or inventory is rising faster than revenue, the company may not be selling its goods as fast as needed or may be having trouble collecting money from customers. For example, in 1997 Sunbeam’s revenue grew less than 1% but accounts receivable jumped 23 percent and inventory grew by 40 percent. Six months later in 1998 the company shocked investors by reporting a $43 million loss. If cash from operations is increasing or decreasing at a different rate than net income, the company may be being manipulated. Falling reserves for bad debts in relation to account receivables falsely boosts income (cookie jar accounting).

More Red Flags Look for aggressive revenue recognition policies (Qwest Communication, $1.1 billion in ). Beware of hockey stick pattern. Beware of the ever-present nonrecurring charges (e.g., Kodak for past 12 years). Check for regular changes to reserves, depreciation, amortization, or comprehensive income policy. Related-party transactions (e.g., Enron). Complex financial products (e.g., derivatives). Unsupported top-side entries (e.g., WorldCom). Under-funded defined pension plans. Unreasonable management compensation. Source: Scott Green, “Fighting Financial Reporting Fraud,” Internal Auditor, December 2003, pp

Five Statistically Significant Ratios
Use the ratios for two successive fiscal years. Convert into indexes for benchmarking. Day’s Sales in Receivable Index: (Accounts Receivable t / Sales t ) (Accounts Receivable t-1 / Sales t-1) Index for manipulators: 1.5 to 1 Gross Margin Index: [(Sales t - Cost of Sales t ) / Sales t] [(Sales t-1 - Cost of Sales t-1 ) / Sales t-1] Index for manipulators = 1.2 to 1 Source: M.D. Beneish, “The Detection of Earnings Manipulation,” Financial Analysts Journal, September/October, t-1 = prior year.

Asset Quality Index = 1- (Current Assets t + Net Fixed Assets t ) Total Assets t (Current Assets t-1 + Net Fixed Assets t-1) Total Assets t-1 Index for manipulators = 1.25 to 1 Sales Growth Index : Sales t / Sales t-1 Manipulators: 60% Non manipulators 10% Source: M.D. Beneish, “The Detection of Earnings Manipulation,” Financial Analysts Journal, September/October, t-1 = prior year.

Total Accruals to Total Assets = Δ Working Capital t - Δ Cash t - Δ Current Taxes Payable t - Δ Current Portion of LTD t - Δ Accumulated depreciation and amortization t Total Assets t TATA for manipulators: .031 TATA for non manipulators: .018 Source: M.D. Beneish, “The Detection of Earnings Manipulation,” Financial Analysts Journal, September/October, LTD = Long-term debt.

A Charles Lundelius Example
Comparison to peer group benchmarks: Characteristic MPS Peer group % over peers DSRI % GMI % AQI % SGI % TATA % Source: C.R. Lundelius, Financial Reporting Fraud, AICPA, 2003, p. 129.

Excel Spreadsheet Sherron Watkins discovered the Enron fraud in 2001 when she was again working under Andy Fastow, CFO. She took a simple inventory, using an Excel spreadsheet to calculate which of the division’s assets were profitable and which were unprofitable. She discovered the special purpose entities called Raptors, off-the-books partnerships. Enron had hidden hundreds of millions of losses by borrowing money from Raptors and promising to pay the loans back with Enron stock. Enron was hedging risks in its left pocket with money from its right pocket. As the value of Enron stock fell and the losses in the Raptors mounted, Enron had to add more and more stock because Enron had risked 97% of the losses, and Arthur Andersen had agreed to the accounting. Source: Mimi Swartz and Sherron Watkins, Power Failure, New York: Doubleday, 2003, p. 269.

Look For Fraud Symptoms
Source Documents. Journal Entries. Accounting Ledgers.

Source Documents Checks. Employee time cards. Sales invoices.
Shipping documents. Expense invoices. Purchase documents. Credit card receipts. Register tapes.

Source Documents Fraud Symptoms
Photocopies of missing documents. Counterfeit/false documents. Excessive voids/credits. Second endorsements. Duplicate payments. Large numbers of reconciling items. Older items on bank reconciliations. Ghost employees. Lost register tapes.

Journal Entries Fraud Symptoms
Out-of-balance. Lacking supporting documents. Unexplained adjustments. Unusual/numerous entries at end of period. Written entries in computer environment. For example, $400 million passed from Bertelmann to AOL, but rather than calling the money a payment to secure amendments in a contract relating to the ownership of AOL Europe, AOL labeled it ad revenue.

Ledger Fraud Symptoms Underlying assets disagree.
Subsidiary ledger different than general ledger.

Using Technology to Gather Evidence
Drill-down functionality Electronic imaging Benford’s law Digital Analysis Tests and Statistics (DATAS) Data warehousing/mining Inductive vs. deductive method

Technology is Here “Extensive knowledge and use of technology is an absolute necessity. The ability to go into an electronic image and download information, and to get information from systems that don’t talk to each other. All the accumulated information can then be reviewed for financial improprieties.” Bert Lacativo, Southlake, Texas “We use off-the-shelf software (IDEA) to import large databases, read different data files, set up queries, and compare database files such as addresses, telephone numbers, and Social Security numbers. This process will tell us, for example, if a purchase order was done on Saturday or Sunday when the company isn’t open.” Cal Klausner, Bethesda, Md. H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical Accountant, February 2004, pp

Data Analysis vs. Data Mining Software
ACL, IDEA, and SAS are data analysis (DA) software used to ensure the integrity of data, to program continuous monitoring, and to detect fraudulent transactions. DA requires a program to be set up and run against the data. The program is written by auditors (i. e., humans) who may be prejudice in the routines that are executed. Data Mining finds patterns and subtle relationships in data. Wiz Rule (from WizSoft, Inc.) and IBM’s Intelligent Miner are data mining software. Source: Irina Sered, “Software,” kdnuggets.com/news/2001/n24/13i.html.

Wiz Rule Data Auditing Tool
Based upon data mining. Performs complex analysis of data, finding errors, inconsistencies, and situations that require further investigation. WizRule reveals all the if-then rules, mathematical formula rules, and spelling irregularities. Divides situations deviating from the rules into data entry errors and suspicious errors. Can be used in auditing, fraud detection, data scrubbing, and due diligence reviews. Learning curve is short. Cost license is $1,395 and yearly maintenance fee is $279. Source: Irina Sered, “Software,” kdnuggets.com/news/2001/n24/13i.html.

Technology Commits Fraud
“Technology was used to commit fraud in selling pools of credit card debt. A cooked formula was embedded in software by the seller of the debt to analyze the quality of debt for the purchaser, so no matter what debt came out, it had a good collection ratio, and the purchaser was willing to pay more. Only by analyzing the software coding was the fraud discovered,” Cal Klausner, Bethesda Md. The trend toward paperless systems hinders a CPA’s ability to find fraud. For example, many banks are no longer sending out checks Roberts J. DiPasquale H.W. Wolosky, “Forensic Accounting to the Forefront, “ Practical Accountant, February 2004, pp

Types of Misappropriations
Embezzlement Cash and check schemes Larceny of cash Skimming Swapping checks for cash Check tampering Kiting Credit card refund and cancellation schemes Accounts receivable fraud Lapping Fictitious receivables Borrowing against accounts receivable Inventory fraud Stealing inventory Short shipments with full prices Fictitious disbursements Doctored sales figures Sham payments Price manipulations: land flipping, pump and dump, and cybersmearing Money laundering Bid rigging

Cash Wheel Accruals Cash Accounts Receivable Adjusting Entries
Accounts Payable Depreciation Accruals Cash Source: Fraud Auditing Small Businesses With The Wheel , James A. Goldstine

Some Employee Schemes Embezzlement/skimming involves converting business receipts to one’s personal use and benefit, by such techniques as cash register thefts, understated/unrecorded sales, theft of incoming checks etc.

Some Skimming Schemes (off-book)
Unrecorded sales. Theft of incoming checks. Swapping checks for cash. Auditing Suggestions Compare receipts with deposits. Surprise Cash Count. Investigate customers complaints. Gross profit analysis (also for money laundering). Check for reversing transactions, altered cash counts, and register tapes that are “lost.”

Preventive Measures Segregation of duties, mandatory vacations, and rotation of duties help prevent cash larceny. Review and analyze each journal entry to the cash account. Two windows at drive-through restaurants. Signs: Free meal if no receipt. Blank checks and the automatic check signing machine should be kept in a safe place from employees. Pre-numbered checks should be logged and restricted to one responsible employee. Require two signatures on cashier checks.

Check 21 Check Clearing for the 21st Century Act takes effect October 28, 2004. Authorizes the use of a substitute check where an original check is converted to an image file and transmitted electronically in lieu of physically transporting the original check. The substitute check contains images of the front and back of the original along with the endorsements, signatures, and magnetic ink character line. There is a memo line: “This is a substitute check. You may use it the same as you would the original check.” Will speed up the check clearing process. May reduce check kiting and passing of bad checks. Banks may incur higher fraud losses (e.g. Bank One proceeds 11 billion checks per year). Source: C. Pacini, “Check 21: Fraud Implications of the Check Clearing for the 21st Century, J of FA, July- December, pp

Some Employee Schemes (contd …)
Kiting: building up balances in bank accounts based upon floating checks drawn against similar accounts in other banks. Wire transferring makes kiting easier. Auditing Suggestions Look for frequent deposits and checks in the same amount. Large deposits on Fridays. Short time lag between deposits/withdrawals. Bank reconciliation audit [cut-off bank statement].

Cut-off Bank Statement Shorter period of time (10-20 days). Bank statement sent directly to fraud auditors. Compare the cancelled checks, etc. with the cut-off bank statement. Helpful for finding kiting and lapping.

Cash Schemes Other Cash Schemes
Theft of checks (bottom or middle of checks). Checks may be intercepted or payee altered (washing checks). Forged endorsements (disappearing ink). Stolen credit cards. Refund schemes. Kickback schemes.

Kickback Example Paul J. Silvester, former state treasurer for Connecticut, admitted accepting cash kickbacks in return for placing millions of dollars in state pension investments with certain equity funds. Mr. Silvester was sentenced to 51 months in prison for taking bribes in return for investing $527.5 million from the state pension fund in five investment funds. Source: Marc Santora, “After Help in Corruption Cases, Central Figure Gets 51 Months,” N.Y. Times, November 21, 2003, p. C-12.

Parmalat Kickback Scheme
Former Bank of America executive Luca Sala told investigators that over 7 years he took $27 million in a kickback scheme involving Parmalat. He obtained the monies by a kickback arrangement with an outside broker who helped organize bond issues from Parmalat. Mr. Sala (corporate finance head) helped organize several bond placements for Parmalat for which the bank regularly received fees. Source: A. Galloni and C. Mollenkamp, “Ex-Parmalat Banker Admits Stealing $27 Million,” WSJ, February 27, 2004, p. A-3.

Refund Schemes A television station’s former accounting director pleaded guilty to stealing more $1.8 million from her employees and spending it on jewelry, paintings, and fur coats. She would overpay the station’s travel bills and divert the refunds to her own credit card bills and personal accounts. She was sentenced to 7 ½ years in prison on a single count of theft from CBS affiliate WBBM – TV Source: AP, “Ex-Accountant at CBS Affiliate Sentenced,” Las Vegas Sun, November 5, 2003.

Accounts Receivable’s Schemes
Lapping. Fictitious receivables [for a fictitious sale], which is later written off. Borrowing against receivables (use receivable as collateral). Improper posting of credits against receivables.

Lapping Lapping Recording of payment on a customer’s account some time after receipt of payment. Later covered with receipt from another customer (robbing Peter to pay Paul). Lapping is more successful where one employee has both custody of cash and record keeping responsibility. Audit Steps Independently verifying customers who do not pay. Review write-offs. Review customers’ complaints.

Lapping (cont.) Compare the checks on a sample of deposit slips to the details of the customers’ credits that are listed on the day’s posting to the customer’s account receivables.

Inventory Inventory Fraud
Stealing inventory/supplies for personal use or for sale at flea markets/garage sales. Kickback schemes (vendor/supplier and an employee). Sale of unreported inventory at inflated prices. Audit Steps for Inventory Fraud Use renumbered inventory tags matched to count sheets; use count procedures for work-in-progress items; separate duties between purchasing and logging receipts of shipments Check for same vendors. Prices higher than other vendors. Purchasing agent does not take vacation. Only photocopies of invoices are available. Aging of inventory. Inventory turnover There is data-mining software.

Stealing Diamond Inventory
Farrah Daly was charged with stealing at least 39 diamonds (1 to 3 carats), one at a time over several years from a diamond sorting area. She and her husband allegedly had friends and others sell the approximately $500,000 worth of diamonds at pawn shops and jewelry stores. Source: AP, “Ohio Woman Accused of Stealing Diamonds,” Las Vegas Sun, November 10, 2003.

Reducing Bad Debts Before MCI was acquired by WorldCom, Walter Paulo a billing manager, had to reduce a $180 million bad debt expense down to $15 million. Eventually MCI had to write-off $650 million in bad debt. His schemes: Allow a customer to sign a promissory note to turn the receivable into a short-term asset. Redacting invoices. Developing interpretations to explain why some items are aged so long. Using questionable codes. Used unapplied cash to cover. Arthur Andersen did not audit the smaller bad debt accounts where the questionable accounts occurred (e.g., the third tier). Paulo said that the AA auditors were young, inexperienced, and fresh out of college. Source: J.M. Jacka, “An Environment for Fraud,” Internal Auditor, April 2004, pp

Payroll Payroll Schemes
Ghost Employee: A person on the payroll who does not work for that company. False Workers’ Compensation claims: Fake injury to collect disability payments. Commission schemes: Falsify amount of sales or the commission rate. Falsify hours and salary: Exaggerate the time one works or adjusts own salary.

Fictitious Disbursements Multiple payments to same payee. Multiple payees for the same product or service. Ghosts on the payroll. Inflated invoices. Shell companies and/or fictitious persons. Bogus claims (e.g., health care fraud and insurance claims). Overstate refunds or bogus refunds at cash register. Many fictitious expense schemes (e.g., meals, mileage, sharing taxi, claiming business expenses never taken). Duplicate reimbursements. Overpayment of wages.

Other Fraud Schemes Stealing inventory/scrap. Stealing property. Theft of proprietary assets. Personal use of assets. Shoplifting. False down grading of products. A land flip involves a situation where a company decides to purchase land for a project. A person or group will find the land and buy it under a front name or company. The fraudster then increases the price of the land before selling it to the company. Money laundering is the use of techniques to take money that comes from one source, hide that source, and make the funds available in another setting so that the funds can be used without incurring legal restrictions or penalties.

Forensic Auditing Steps
Count the Petty Cash Twice in a Day Investigate Suppliers (Vendors) Investigate Customers’ Complaints Examine Endorsements on Canceled Checks Add Up the Accounts Receivable Subsidiary Audit General Journal Entries Match Payroll to Life and Medical Insurance Deductions Source: Jack C. Robertson, Fraud Examination for Managers and Auditors, Austin, TX: Viesca Books, 2000, pp

Forensic Auditing Steps (contd …)
Match Payroll to Social Security Numbers Match Payroll with Addresses Retrieve Customer’s Checks Use Marked Coins and Currency Measure Deposit Lag Time Document Examination Inquiry, Ask Questions Covert Surveillance Source: Jack C. Robertson, Fraud Examination for Managers and Auditors, Austin, TX: Viesca Books, 2000, pp

Acquisition/Payment Cycle
From 62 standard audit procedures, external and internal auditors judged these 20 procedures to be more efficient is detecting fraud in the acquisition and payment cycle (in descending order). Examine bank reconciliation and observe whether they are prepared monthly by an employee who is independent of recording cash disbursement or custody of cash. Examine the supporting documentation such as vendor’s invoices, purchase orders, and receiving reports before signing of checks by an authorized persons. Examine the purchase requisitions, purchase orders, receiving reports, and vendors’ invoices which are attached to the vouchers for existence, propriety, reasonableness and authenticity. Examine internal controls to verify the cash disbursement are recorded for goods actually rendered to the company. Discuss with personnel and observe the segregation of duties between accounts payable and custody of signed checks for adequacy. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p

Acquisition/Payment Cycle (Contd.)
Confirm inventories in public warehouse and on consignment. Examine internal controls to insure the vendor’s invoices, purchase orders, and receiving reports are matched and approved for payment. Examine internal controls for the following documents: vendor’s invoices, receiving reports, purchase orders, and receiving reports. Trace a sample of acquisitions transactions by comparing the recorded transactions in the purchase journal with the vendor’s invoices, purchase requisitions, purchase orders, and receiving reports. Establish whether any unrecorded vendors’ invoices or unrecorded checks exist. Examine the internal control to verify the proper approvals of purchase requisitions and purchase orders. Reconciled recorded cash disbursement with disbursements on bank statements. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p

Acquisition/Payment Cycle (Contd.)
Discover related party transactions. Examine the internal control to verify the approvals of payments on supporting documents at the time that checks are signed. Discuss with personnel and observe the procedures of examining the supporting documentation before the signing of checks by an authorized person. Examine canceled checks for authorized signatures, proper endorsements, and cancellation by the bank. Account for the numerical sequence of prenumbered documents (purchase orders, checks, receiving reports, and vouchers). Trace a sample of cash payment transactions. Trace resolution of major discrepancy reports. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p

Sales/Collection Cycle
These 10 audit procedures were judged as being more effective for detecting fraud in the sales and collection cycle (in descending order) Observe the proper and appropriate segregation of duties. Review monthly bank reconciliation and observe independent reconciliation of bank accounts. Investigate the difference between accounts receivable confirmation and customer account receivable balances in the subsidiary ledger and describe all these exceptions, errors, irregularities, and disputes. Review sales journal, general ledger, cash receipts journal, accounts receivable subsidiary ledger, and accounts receivable trial balance for large or unusual amounts. Verify accounts receivable balance by mailing positive confirmations. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p. 209

Sales/Collection Cycle (Contd.)
Examine internal controls to verify that each cash receipts and credit sales transactions are properly recorded in the accounts receivable subsidiary ledger. Examine subsequent cash receipts and the credit file on all accounts over 120 days and evaluate whether the receivable are collectible. Compare dates of deposits with dates in the cash receipts journal and the prelisting cash receipts. Examine copies of invoices for supporting the bills of lading and customers’ orders. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p. 209

Inventory/Warehouse Cycle
These 14 standard audit procedures were judged by external and internal auditors as being more effective for detecting fraud in the inventory and warehousing cycle 9in descending order): Discover related party transactions. Follow up exceptions to make sure they are resolved. Review major adjustments for propriety. Review inventory count procedures: a. Accounting for items in transit (in and out); b. Comparison of counts with inventory records; and c. Reconciliation of difference between counts and inventory records. Review adequacy of physical security for the entire inventory. Confirm inventories in public warehouse. Review procedures for receiving, inspecting, and storing incoming items and for shipments out of the warehouses. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p

Inventory/Warehouse Cycle (Contd.)
Trace shipments to sales records, inventory records, and bill of lading (shipping documents). Determine if access to inventory area is limited to approval personnel. Observe the physical count of all location. Recount a sample of client’s counts to make sure the recorded counts are accurate on the tags (also check descriptions and unit of count, such as dozen or gross) Trace inventory listed in the schedule to inventory tags and the auditor’s recorded counts for existence, descriptions, and quantity. Trace shipments to sales journal. Perform compilation tests to insure that inventory listing schedules agrees with the physical inventory counts. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p

Payroll/Personnel Cycle
These 12 audit procedures were judged the more effective for detecting fraud in the payroll and personnel cycle (in descending order): Sample terminated employees and confirm that they are not included on subsequent payrolls and confirm propriety of termination payments. Observe the actual distribution of payroll checks to the employees. Observe the duties of employees being performed to insure that separation of duties between personnel, timekeeping, journalizing payroll transactions, posting payroll transactions, and payroll disbursement exists. Examine internal controls to verify that hiring, pay rates, payroll deductions, and terminations are authorized by the personnel department. Sample personnel files and physically observe the presence of personnel in the work place. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p. 208.

Payroll/Personnel Cycle (Contd.)
Examine internal control over payroll records to verify that payroll transactions are properly authorized. Discover related party transactions. Review the files of new hires for appropriate approvals, pay rates, and dates of accession. Review the payroll journal, general ledger, and employee individual pay records for large or unusual amounts. Examine internal controls to verify that unclaimed payroll checks are secured in a vault or safe with restricted access. Examine internal controls to verify that employee time cards and job order work tickets are reconciled. Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic Accounting, Vol. 4, 2003, p. 208.

The End Is Here

The Fraud Side of Forensic Accounting D. Larry Crumbley, CPA, Cr

Similar presentations

Presentation on theme: "The Fraud Side of Forensic Accounting D. Larry Crumbley, CPA, Cr"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

The Fraud Side of Forensic Accounting D. Larry Crumbley, CPA, Cr

Similar presentations

Presentation on theme: "The Fraud Side of Forensic Accounting D. Larry Crumbley, CPA, Cr"— Presentation transcript:

Similar presentations

About project

Feedback