Transcript Slide 1

Forensic Accounting: Strategies for
Detecting & Controlling Fraud
D. Larry Crumbley, CPA, Cr.FA, CFFA, FCPA
KPMG Endowed Professor
Department of Accounting
Louisiana State University
Baton Rouge, LA 70803
225-578-6231
225-578-6201 Fax
[email protected]
Dr. Crumbley is the
Editor of the Journal of Forensic Accounting: Auditing,
Fraud, and Risk,
Former chair of the Executive Board of Accounting
Advisors of the American Board of Forensic Accountants,
Member of the NACVA’s Fraud Deterrence Board, and
On the AICPA’s Fraud Task Force (2003-2004).
A frequent contributor to the Forensic Examiner and
Value Examiner, Professor Crumbley is a co-author of
CCH Master Auditing Guide, along with more than 50
other books and 350 articles. His latest book entitled
Forensic and Investigative Accounting is published by
Commerce Clearing House (800-224-7477). Some of his
12 educational novels have as the main character a
forensic accountant. His goal is to create a television
series based upon the exciting life of a forensic
accountant and litigation consultant.
1
Forensic Report
2
TALLY STICKS
“External auditors come down the hill
after the battle and bayonet the
wounded. Forensic accountants are the
guys who follow behind them, going
through the soldiers’ pockets looking for
money.”
3
Puff Adder
“What the use of finger prints was to the 19th century and DNA
analysis was to the 20th, forensic accounting will be to the 21st
century.”
- Gordon Brown, Chancellor of the Exchequer, 10 October 2006.
4
Glimpse Forward
Introduction to Forensic Accounting
 Risk Assessment and Fraudulent Financial Reporting
Misappropriation of Assets
Forensic Accounting Processes and Techniques
Computer Forensics
Problem-based learning case study

----------------------------------------------------------Now John at the bar is a friend of mine.
He gets me my drinks for free.
Sing us a song, you’re the piano man.
“Piano Man”Billy Joel
5
Some Fraud Figures
Australia’s annual fraud, 2003, $5.8 billion
or 1.147% of GDP.
 Malaysia’s telecom operators lose 3% of
revenue to fraud each year.
 A KPMG Malaysian survey found that more
than a third of the polled companies lost over
RM 1 million from fraud in 2 years.
 Fraud and abuse in U.S. is $652 billion to $1
trillion annually.
 The quantity of corruption crimes has
continued to rise in China after the market
liberalizations in 1978 (because so much
more money involved).
 An employee at the Australian mint stole
$100,145 over ten months by hiding bills and
coins in his lunch box and boots. He carried
away on an average 150 coins in each boot
every day.

6
Fannie Mae Forensic Probe





BOD hired investigators who cleared the
current management of Fannie Mae of
knowingly participating in any
wrongdoing.
The report took 17 months; 616 pages
plus 2,000 plus pages of supporting
documents.
Cost of $60 million to $70 million.
The fraud was estimated to be $11
billion.
Former N.H. Senator Warren Rudman
used The Huron Consulting Group.
7
Definition of Forensic Auditor
Someone who can look behind the
facade--not accept the records at
their face value--someone who has
a suspicious mind that the
documents he or she is looking at
may not be what they purport to be
and someone who has the
expertise to go out and conduct
very detailed interviews of
individuals to develop the truth,
especially if some are presumed to
be lying.
Robert G. Roche, a retired chief of the IRS Criminal Investigation
Division of the IRS
8
Narrow vs. Broad Definition
Narrow: Fraud detection is major
area.

Broad: Employed to seek, interpret,
and communicate transactional and
reporting event evidence in an
objective, legally sustainable fashion,
not only in situations where there are
specific allegations of wrongdoing, but
also in situations where interested
parties judge that the risk of loss from
wrongdoing is such that proper
prudence requires legally sustainable
evidence to support the conclusion that
no wrongdoing is occurring (James
Edwards).

9
Narrow Approach
Accounting
Forensic
Accounting
Internal and
External
Auditing
Accounting
Litigation Matters
and Investigations
Planning
Risk Assessment
Internal controls
Audit Evidence
Reporting
Fraud
Prevention and Deterrence
Detection
Investigation
Remediation
U.S. Dept. of Justice, Education and Training in Fraud
and Forensic Accounting: A Guide for Educational
Institutions, Stakeholder Organizations, Faculty and
Students, Draft Copy, December 23, 2005.
10
Broad Approach
“I liken it to ‘CSI’ or ‘Law & Order,’ but instead of
figuring out the trajectory of a bullet, you’re trying to
find out how a transaction occurred.”
Terry McCarthy
11
Definition of Forensic Accounting
Forensic accounting is the application of
accounting, tax, auditing, finance,
quantitative analysis, investigative and
research skills, and an understanding of
the legal process for the purpose of
identifying, collecting, analyzing, and
interpreting financial or other data or
issues in connection with:
1) Litigation services: providing assistance for
actual, pending or potential legal or
regulatory proceedings before a trier of fact
in connection with the resolution of disputes
between parties, or
2) Non-litigation
services:
performing
analyses or investigations that may require
the same skills used in 1, above, but may
not involve the litigation process.
12
Definition of Forensic
Accounting Litigation Service
Forensic accounting litigation
services are the professional
assistance accountants provide
related to the litigation process.
These services may involve
accounting, financial, auditing, tax,
quantitative
analysis,
and
investigative and research skills, as
well as an understanding of the
legal process to provide assistance
for actual, pending, or potential
legal or regulatory proceedings
before a trier of fact in connection
with the resolution of a dispute
between parties.
13
Definition of Forensic
Accounting Non-Litigation
Services
Forensic accounting non-litigation
services are the professional assistance
accountants provide not related to the
litigation process. These services may
involve accounting, financial, auditing,
tax,
quantitative
analysis,
and
investigative and research skill as well
as an understanding of the legal process
to provide assistance in connection with
matter or issues not involving the
litigation process.
“You’re trying to piece together a puzzle where you
do not have the picture on the box to know what it’s
going to look like. The facts are not settled, and actually
it’s the facts that are in dispute.”
Andrew Bernstein
14
Short History
1. Late 1800’s – Find fraud
2. 1930’s- Puff Adder –encyclopedia
3. 1933-1934-independent audits
4. 1950’s-Eighth edition Montgomery auditing reduced formal
stress on fraud detection.
5. January 1957- H.W. Bevis, AR, questioned the benefit of
discovering minor employee thefts.
6. 1960s-auditors claimed no responsibility.
7. Financial audits: Consistency.
8. Audit surveillance: test of details (disappeared).
9. Stock market bubble
10. Panel on Audit Effectiveness (2000)
11. Enron/ WorldCom/ Parmalat/ HealthSouth
12. Sarbanes-Oxley/ PCAOB
13. SAS No. 99
15
Transparency International Corruption Perceptions Index 2006
Country Rank
Country
2006 CPI Score
Surveys used
Confidence range
1
Finland
9.6
7
9.4 - 9.7
Iceland
9.6
6
9.5 - 9.7
New Zealand
9.6
7
9.4 - 9.6
4
Denmark
9.5
7
9.4 - 9.6
5
Singapore
9.4
9
9.2 - 9.5
6
Sweden
9.2
7
9.0 - 9.3
7
Switzerland
9.1
7
8.9 - 9.2
8
Norway
8.8
7
8.4 - 9.1
9
Australia
8.7
8
8.3 - 9.0
Netherlands
8.7
7
8.3 - 9.0
Austria
8.6
7
8.2 - 8.9
Luxembourg
8.6
6
8.1 - 9.0
United Kingdom
8.6
7
8.2 - 8.9
14
Canada
8.5
7
8.0 - 8.9
15
Hong Kong
8.3
9
7.7 - 8.8
16
Germany
8
7
7.8 - 8.4
17
Japan
7.6
9
7.0 - 8.1
18
France
7.4
7
6.7 - 7.8
Ireland
7.4
7
6.7 - 7.9
Belgium
7.3
7
6.6 - 7.9
Chile
7.3
7
6.6 - 7.6
USA
7.3
8
6.6 - 7.8
Belarus
2.1
4
1.9 - 2.2
Cambodia
2.1
6
1.9 - 2.4
Côte d´Ivoire
2.1
4
2.0 - 2.2
Equatorial Guinea
2.1
3
1.7 - 2.2
Uzbekistan
2.1
5
1.8 - 2.2
Bangladesh
2
6
1.7 - 2.2
Chad
2
6
1.8 - 2.3
Congo, Democratic Republic
2
4
1.8 - 2.2
Sudan
2
4
1.8 - 2.2
Guinea
1.9
3
1.7 - 2.1
Iraq
1.9
3
1.6 - 2.1
160
Myanmar
1.9
3
1.8 - 2.3
163
Haiti
1.8
3
1.7 - 1.8
11
20
151
156
160
16
States Corruption Index
Most corrupt:
Least corrupt:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Mississippi
North Dakota
Louisiana
Alaska
Illinois
Montana
South Dakota
Kentucky
Florida
New York
Nebraska
Oregon
New Hampshire
Iowa
Colorado
Utah
Minnesota
Arizona
Arkansas
Wisconsin
17
Forensic Accounting Factors
Time: Forensic accounting focuses
on the past, although it may do so
in order to look forward (e.g.,
damages, valuations).
 Purpose: Forensic accounting is
performed for a specific legal forum
or in anticipation of appearing
before a legal forum.
 Peremptory: Forensic accountants
may be employed in a wide variety
of risk management engagements
within business enterprises as a
matter of right, without the
necessity of allegations (e.g.,
proactive).
----------------------------------------------With a single clue a forensic
accountant can solve a fraudulent
mystery.

18
One Small Clue
A former Scotland Yard scientist tried to
create the world’s biggest fraud by
authenticating $2.5 trillion worth of fake U.S.
Treasury bonds.
When two men tried to pass off $25 million
worth of the bonds in Toronto in 2001, a
Mountie noticed the bonds bore the word
“dollar” rather “dollars.”
Police later raided a London bank vault and
discovered that the bonds had been printed
with an ink jet printer that had not been
invented when the bonds were allegedly
produced.
Zip codes were used even though they were
not introduced until 1963.
Sue Clough, “Bungling Scientist Is Jailed for Plotting World's Biggest
Fraud,” News.telegraph.co.uk, January 11, 2003.
19
Forensic Accounting Areas
Investigative
Auditing
Litigation Support
Forensic: Latin for “forum,”
referring to a public place or court.
Black’s Law Dictionary: Forensic,
belonging to the courts of justice.
Note: Corporate spooks are used to check on
competitors.
20
Forensic Auditing
Forensic auditing is a type of auditing
that specifically looks for financial
misconduct, and abusive or wasteful activity.
It is most commonly associated with
gathering evidence that will be presented in a
court of law as part of a financial crime or a
fraud investigation.
Source: B.L. Derby, “Data Mining for Improper Payments,” Journal of Government
Financial Management, Winter, 2003, pp. 10-13
---------------------------------------------------------------
“ Forget the stuffed white shirt, forensic
accountants are more parts Philip Marlowe
than Casper Milquetoast. They open the
books and crack the code, transforming a
dull science of numbers into a suspenseful
mystery with a logical, even riveting
resolution.”
Cory Johnson
21
Top Niche Services
1. Attest Services
2. Business Valuations
3. Estate/ Trust/ Estate Planning
4. Forensic/Fraud
5. Litigation Services
6. International Tax
..........
11. Personal Financial Planning
14. SOX Compliance
15. Technology consulting
87%
82%
82%
75%
75%
72%
57%
53%
53%
Source: Accounting Today (2008).
22
Forensic Accounting vs. Fraud
Auditing
Forensic Accountant: A forensic
accountant may take on fraud auditing
engagements and may be a fraud
auditor, but he or she will also use
other accounting, consulting, and legal
skills in broader engagements. In
addition to accounting skills, he or she
will need a working knowledge of the
legal system and excellent
communication skills to carry out
expert testimony in the courtroom and
to aid in other litigation support
engagements.
Crumbley, Heitger, Smith, Forensic and Investigative Accounting (CCH)
23
AICPA’s Position
Public accounting firms could use forensic
accountants to help revise their approach to planning
and fieldwork on all audits, while requiring forensic
accountants only on high risk audit clients to aid in the
interpretation of forensic testing results and preventive
control enhancements.

Does not require auditors to carryout specific forensic
procedures, but rather provide guidance on how to
include forensic techniques within processes outlines in
SAS 99. This combination will enhance the detection and
prevention of fraudulent financial statement reporting
and misappropriation of assets; thus protect investors
and financial statement users.

The inclusion of audit procedures focused towards
detecting misappropriation of corporate assets may lead
to the identification of weaknesses within corporate
governance or control weaknesses. Frauds that are
identified which represent a material misappropriation of
assets could significantly impact public perception.

24
AICPA’s Position (cont.)
Professional forensic accountants can best be
used by ensuring such procedures are properly
developed and executed in-line with internal audit
and audit committee concerns. Forensic accountants
could then be engaged in high-risk situations, or
when a fraud is suspected.
 Companies should not use the forensic services of
their outside audit firm, unless it pertains to the
annual audit.
 Putting a price on a substantive test or forensic
auditing procedure may be smart for business;
however, the inherent risk is that short-cuts geared
towards reducing audit costs may eventually cause
investors to question the companies’ true financial
position.

AICPA – Discussion Memo Question Responses
25
Big-Six's Position

A forensic audit is akin to a police investigation.
All public companies should have a forensic
audit on a regular basis. Companies would be
required to have such an audit every three or five
years or face these audits on a random basis.

Forensic auditors scrutinize all records of
companies, including emails, and would be able, if
not required, to question all company employees,
and to require statements under oath.

Might be necessary for an audit network or a
specialized forensic auditor to complete a forensic
audit with the aid of independent attorneys (not
these who have represented the audit client in the
other engagements).

Source: “Serving Global Markets and the Global Economy: A View from the CEOs of
the International Audit Networks, November 2006, p. 13.
26
Forensic vs. Fraud Audit
Google result, February 11, 2007








Forensic Audit, 208,000 hits
Fraud Audit, 64,500 hits
Fraud Examination, 74,800 hits
Fraud Accounting, 45,200 hits
Forensic Accounting, 1,050,000 hits
Fraud Investigation, 932,000
Forensic Investigation, 512,000
Fraud Auditing, 83,500
---------------------------------------------I don’t care what they say, but [forensic
accounting] is here to stay.
Danny & the Juniors
-----------------------------------------------------------------------------------
I see skies of blue and clouds of white, and I
think to myself, what a wonderful world.
Louis Armstrong
27
Specialties Within Forensic
and Investigative Accounting







Employee Crime Specialist.
Asset Tracing Specialist.
Litigation Services Specialist and
Expert Witness.
Insurance Claims.
Valuation Analysis.
False Claims Act Violations.
Due diligence investigations.
28
Asset Tracing
Three Italian lawyers said in a filing to be
presented to a bankruptcy court that they had
traced $7.7 billion in missing Parmalat funds.
“We are preparing a filing in which we are asking
for the insolvency status to be revoked
because the money was robbed and not lost,”
lawyer Carlo Zauli told Reuters.
But he said it would be an illusion to believe proof
of electronic transfers of the funds could be
found and the lawyers representing the
Parmalat Creditors Committee did not say
where the money was being held or if it was
recoverable.
An Italian website, TGfin (www.tgfin.it), said a
company linked to Parmalat founder Tanzi was
holding the funds in the form of U.S. bonds in
an account with Bank of America.
Source: Emilio Parodi and Stefano Bernabei, “Wrap-up 2: Paramalat Fraud Probe Widens
to Auditors, Ex-Banker, “forbes.com, January 8, 2004.
29
Finding Unreported
Income/Hidden Assets
1.
2.
3.
4.
5.
6.
7.
Look at the lifestyles.
Look at the expenses.
Look at the cash flow.
Look at the business
operations.
Look at the industry ratios.
Consider using private
investigators.
Use the net worth method.
Mark Kohn, “Unreported Income and Hidden Assets,” Forensic
Accounting in Matrimonial Divorce, Philadelphia: R.T.
Edwards, 2005, pp.49-57.
30
Fiction v. Reality
The main difference between fiction and
reality is that instead of using mask and gun,
today’s villains use mouse and keyboard. Instead
of hiding behind a lamppost in a trench coat and
fedora, today’s forensic accountants are more
likely to be hiding behind their own computers,
searching for clues amid mountains of data.
Source; “Book ‘EM! Forensic Accounting in History and
Literature,” The Kessler Report, Vol.1, No. 2.
------------------------------------------------------------------------------------
“Every investigation I did as a prosecutor, you
have a particular target, but it always branches
off because something else gets your attention.
And that’s what is going to happen with a
forensic accountant.”
Tom Carlucci:
E-library Rueter Library September 20, 2002
31
Forensic Techniques Become Popular
“In many of the large accounting blow-ups, auditors knew
what was happening,” says Charles Niemeir, “but they
were willing to look the other way.”
There is a need to provide “incentives for people finding
problems,” says Douglas Carmichael. “Right now there
are no incentives for finding problems, and one who does
is treated as a trouble maker.”
Source: Cassell Bryan Low, “Accounting Firms Attempts to
Dispel the Cloud of Fraud,” Wall Street J., May 27, 2003.
Doug Carmichael, Chief Auditor for Peek-uh-boo,
faults auditors for not adopting forensic
techniques.
 Carmichael wishes more “test of details,” not
relying on test of controls.
 He wishes more shoe-leather work.
 Shoe-leather work is what we do!

Kris Frieswick, “How Audits Must Change,” CFO July
2003, p.48
32
Popular (cont.)

E&Y’s forensic accounting team is comprised of
350 practitioners in the U.S. alone, and focuses
on strategies to mitigate and manage conflict in
bankruptcy disputes, financial and economic
damages, fraud and investigations, government
contracts and grants, insurance claims,
intellectual assets, and legal technology.

Deloitte’s forensic accounting expertise includes
anti-money laundering, the Foreign Corrupt
Practices Act, purchase price disputes,
arbitrations, construction fraud, health care fraud,
construction oversight, intellectual property theft,
and misdirected royalty revenues, to name just a
few.
They have forensic labs in nine major cities across
the U.S. and an additional 18 cities around the
world, including Hong Kong, London, Amsterdam,
Frankfurt, Cape Town and Melbourne.” All FAS labs
meet the FBI’s chain of custody requirements.
“They are secure, state-of-the-art, and house
advanced systems for storing and accessing data,
including dedicated servers and fire-resistant
safes.
Stuart Kahan, “Sherlock Holmes Enters Accounting,” WebCPA,
February 11, 2007.
33
Forensic Accountants
“Rather than combing torn clothing,”
forensic accountants “comb through
corporate books, looking for oddities
that could signal swindles,” says
Bruce Dubinsky. Investigations can
be extremely complex, with crates
and crates of documents and
thousands of computer files.
Investigators look for flags or
patterns that would not normally
occur.
Source: Mark Maremont, “Tyco Is Likely to Report
New Woes,” Wall Street Journal, April 30, 2003, p.
C-1.
34





Potpourri
Deutsche Bank is being sued for $1.3 billion by
Bruce Winston (one of the heirs of Harry Winston
diamond dynasty) for priceless gems
disappearing from a trust under their control.
A Burlington, Kentucky city finance director is
accused of embezzling more than $1.2 million to
support his estranged wife and his girlfriend.
Martin Frankel vanished with between $200
million in cash and diamonds one day. He
accomplished this insurance fraud by buying
poorly capitalized insurance companies, cooking
the books to show increased premium value, and
by including non-existing real estate and leases
on the balance sheet.
Bank of China’s Mr. Wu allegedly embezzling up
to $18 million from a bank branch, using
improper bills of exchange. BoC has a number of
cases involving the embezzlement of $737
million from branches in the Southern
Guangdong Province.
A U.S. Lime officer embezzled nearly $2.2 million
by forging signatures of other company officers
on checks, and falsifying the company’s check
register to create the impression that the
amounts he received went to U.S. Lime creditors.
35
Potpourri (contd …)






The Chairman of Hyundai Motor, Chung MongKoo, was sentenced in February 2007, to 3
years in prison for embezzlement ($100
million) and breach of trust at South Korea’s
largest carmaker.
Spanish authorities shut down Afinsa’s Forum
stamp-investing programs with several hundred
thousand of small investors. Alleged
investments in overvalued stamps and
suspected pyramid scheme. Eight officials
jailed.
In 2000, Rent Way’s CAO artificially reduced
the company’s expenses by $127 million.
WorldCom’s external auditors missed about
$11 billion improperly booked items.
Ahold NV, a Dutch company, said a U.S. unit
had overstated revenues by $880 million by
booking more discounts from suppliers than
actually received.
One Philippine peso coin has the same size as
1 dirham, but worth only 7 fils. Thus, dispense
machine fraud.
36
Auditors Blamed: Deep Pockets
Trustee
for United Companies (UC) said that
Deloitte and Touche was guilty of negligence,
malpractice, misrepresentation, breach of duty,
and fraud.
D & T failed to warn United Companies of all of
the losses it would absorb if the people who took
out the loans defaulted, because the accounting
firm was making millions and millions of dollars in
fees.
Loan practice called securitization or bundled
high-interest loans.
$685 million in liability damages.
Plaintiff’s Attorney: Role of auditors is to act as
watchdogs for companies. “A good watchdog
barks when somebody comes into the yard. D & T
is supposed to bark when there is a problem.”
Defendant’s Attorney: “The problem was much
larger than a watchdog could handle. Can a
watchdog stop your house from getting hit by a
hurricane? Of course not.”
Source: Adrian Angelette, “Auditors Blamed, “Baton Rouge Advocate, October
23, 2003, pp. A-1 and a-8
37
Auditors Blamed (cont.)
As
part of the securitization agreement,
UC agreed to pay the principal and interest
on defaulted loans.
Creditors contend that UC failed to
account for the interest it was paying, and
D&T should have caught the mistake
earlier.
After UC wrote off $605 million in debt,
the company filed for bankruptcy.
 Confidential mid-court settlement.
Source: Adrian Angelette, “United Companies Settlement Reached,”
Baton Rouge Advocate, October 31, 2003, pp. A-1 and A-12
38
Find It, or I’ll Sue
Accountants must be attuned
to detecting fraud at every level of
service, including standard
accounting services, compilations,
reviews, and bank reconciliations. If
there is fraud and you don’t detect
it, you are going to be sued, and you
will likely lose, as the public
perception is the accountant is the
watchdog.
Robert J. DiPasquale, Parsippany, N.J.
Source: H.W. Wolosky, “Forensic Accounting to the Forefront,”
Practical Accountant, February 2004, pp. 23-28.
39
Forensic Accounting Knowledge Base
Investigative
auditing
LAW
Criminology
Accounting
Forensic Accountant
Silk, Silk, Silk
40
Threads of Forensic
Accounting
Forensic accounting (or at
least accounting expert
witnessing) can be traced as
far back as 1817 to a court
decision. [Meyer v. Sefton]
In 1824, a young accountant
by the name of James
McCleland started business in
Glasgow, Scotland and issued
a circular that advertised
various classes of expert
witness engagements he was
prepared to undertake.
In 1856 in England, the audit
of corporations became
required.
41
Investigative Accountants
Initially called investigative
accounting, many of the forensic
techniques, such as the net worth
method, were developed by IRS
agents to detect tax evaders.
Infamous mobster, Al Capone, was
caught when Special Agents of the
IRS stepped in and charged him
with tax evasion.
Accountants caused the crime
czar’s career to come to an end.
42
Al Capone Caper
“Perhaps the most celebrated case
of an accountant nailing a famous
criminal was the case of Al Capone. For all
of Capone’s colorful history of violent
crime, the FBI could never gather enough
evidence to convict him until FBI agent
Eliot Ness had an idea.
He gathered special agents of the
IRS to track the flow of cash from
Capone’s illicit activities. When the
mobster failed to pay taxes on those
earnings, the IRS nailed him for tax
evasion.
Capone went to jail and was never
a factor again. IRS recruitment posters
boast till this day: ‘Only an accountant
could catch Al Capone.’”
Source: “Book ‘Em! Forensic Accounting History and Literature,” The Kessler
Report, Vol. 1, No. 2.
43
Father of Forensic Accounting:
Maurice E. Peloubet (1946)
Pretenders:

Max Lourie (1953)

Robert Lindquist (1986)*
* Repeated, First sentence in N. Brennan and J.
Hennessy, Forensic Accounting, 2001, p. 5.
44
The Essence of Forensic Accounting by
Maurice Peloubet (1946):
“The preparation of data for and the
appearance before government agencies as
a witness to facts, to accounting principles,
or to the application of accounting
principles is essentially forensic accounting
practice rather than advocacy.”
Modern Version
“Let’s face it, we in the forensic profession
labor in an obscure corner of the vineyard.
We are the carefully selected, trusted,
highly trained guardians of one of the last
great secrets remaining on the face of the
earth - - the $600 billion [now $652], more
or less annual problem nobody knows
about.”
Joseph W. Koletar, Fraud Exposed, John Wiley &
Sons, Inc 2003, p. 228.
45
Be like
46
Panel on Audit Effectiveness




In 1998, the Public Oversight Board
appointed the Panel on Audit Effectiveness
to review and evaluate how independent
audits of the financial statements of public
companies are performed and to assess
whether recent trends in audit practices
serve the public interest.
In 2000, the Panel issues a 200-page
report, Report and Recommendations,
which includes a recommendation that
auditors should perform forensic-type
procedures during every audit to enhance
the prospects of detecting material
financial statement fraud.
Did not believe a GAAS audit should
become a fraud audit.
In all audits the degree of audit effort in
forensic- type steps should be more than
inconsequential [p. 24].
47
Required Forensic Audits Coming?

The accounting profession may be
making a strategic shift as they see that
SAS No. 99 and the other rules are not
protecting them from being the insurer
of last resort.

The Big Four along with Grant Thornton
and BDO International recently released
a report entitled “Serving Global Capital
Markets and the Global Economy.”

In the report, one of the things they are
suggesting is for companies to have a
forensic audit. Companies would be
required to have such an audit every five
years or face these audits on a random
basis.
“Auditing Firms Urge New Ways to Detect Fraud,” NYSSCPA.org News
Staff. Posted on November 11, 2006.
48
Fraud Strategies Differ
1.
2.
3.
4.
5.
6.
Forensic Accountants
Internal Auditors
External Auditors
Fraud Examiners
Certified Fraud Deterrence
Analysts (CFD) or CFFAs
Forensic CPA Society (FCPA)
49
Predication




The ACFE group indicates that in the
private sector, a fraud investigation
should not be conducted without
proper predication.
Examples: Anonymous tips,
complaints, audit inquires, conflict of
interest.
Thus, predication is the basis for
undertaking a fraud investigation.
Without predication, the target might
be able to sue for real or imaginary
damages.
50
Who Do You Call?
Detection v.
Deterrence
Proactive v.
Reactive
51
Three Classes of Controls
Preventive controls: These controls are first in line to
prevent errors, omissions, or security incidents from
occurring. Examples include controls that restrict access
to systems to authorized persons such as intrusion
prevention systems and firewalls, and integrity
constraints that are embedded within a Database
Management System. Most Efficient
Detective controls: These controls detect errors or
incidents that have eluded the preventative controls.
Examples include controls that test whether authorization
limits have been exceeded, or an analysis of activity in
previously dormant accounts. Important when preventive
controls weak. Examples include situations where the
transactions are derived from third party reports such as
sales reports from franchisees, warranty claims reported
by auto dealers, baggage claims reported by passengers
at airports, and reports of coupons or rebates redeemed
by redemption processors.
Corrective controls: These controls correct errors,
omissions, or incidents after detection. They vary from
simple correction of data-entry errors, to identifying and
removing unauthorized users from systems or networks.
Corrective controls are the actions taken to minimize
further losses.
Sources: IIA, 2005, Global Technology Audit Guide: IT Controls,
Altamonte Springs, Fl; M. J. Nigrini, “Monitoring Techniques
Available to the Forensic Accountants,” J. of Forensic Accounting,
Vol. 7, 2006, p. 322.
52
Where Fraud Prevention and Security Meet
Fraud Prevention
Sarbanes-Oxley
Compliance
Data Mining for
Fraud
Ethics Policy
Anonymous
Tip Line
Risk Assessment
Fraud Policy
Security
Background Checks
Site Security Survey
Loss Prevention
Strategy
Information Security
Investigations
Interviews
Screening Tools for
External Fraud
Guards
Closed Circuit
TV
Swipe Cards
Locks
Fences
Badges
Disaster
Recovery
Source: M.T. Biegelman and J. T. Bartow, Executive Roadmap to Fraud
Prevention and Internal Controls, John Wiley, 2006, pp. 325-326.
53
Balancing Risks and Controls
Excessive Risks
•
•
•
•
•
Loss of Assets
Poor Business Decisions
Noncompliance
Public Scandals
Increased Regulations
Excessive Controls
•
•
•
•
•
Increased Bureaucracy
Reduced Productivity
Increased Complexity
Increased Cycle Time
Increase of no-value activities
54
Types of Controls
Preventive controls
• Segregation of duties
• Required approvals
• Securing assets
• Passwords
• Using document control numbers
• Drug testing
• Job rotation
• Computer backup
Detective controls
• Reconciliations
• Reviews
• Event notifications
• Surprise cash count
• Counting inventory
Corrective controls
• Training
• Process redesign
• Additional technology
• Quality circle teams
• Budget variance reports
55
Forensic-Type Organizations









American College of Forensic Examiners (2750 E. Sunshine,
Springfield, MO 65804; 800-423-9737; www.acfei.com. DABFA
and Cr.FA; 2000)
Certified Fraud Examiners (Association of CFEs, The Gregor
Bldg., 716 West Avenue Austin, TX 78701; 800-245-3321;
www.cfenet.com).
Certified Insolvency and Reorganization Accountant (CIRAs).
Accountants, lawyers, consultants included in insolvency and
bankruptcy matters. 3-part exam. 4,000 hours. 541.858.1665.
AIRA, 221Stewart Avenue, Suite 207, Medford, Or. 97501.
[email protected]
Forensic CPA Society (FCPA); formed in July 2005, Spokane,
WA. [email protected].
Certified Forensic Financial Analyst (NACVA, Salt Lake City, Utah
84106; 801-486-0600). Also, Certified Fraud Deterrence (CFD)
analyst. [CFFA and CFD have merged.]
National Litigation Support Services Association (NLSSA, III
East Wacker Drive, Suite 990, Chicago, IL 60601; 800-8690491). Not-for-profit. About 20 firms. $1,825.
Canadian Institute of Chartered Accountants (CICA) – CA.IFA –
Alliance for Excellence in Investigative Accounting.
Certified Forensic Investigator (CFI) – Canada Early 1980’s.
www.homewoodave.com
Certified Fraud Specialist (CFS), not-for-profit, educational antifraud corporation located in Sacramento, Calif., for those
dealing in white-collar crime, fraud, and abuse issues.
Association of Certified Fraud Specialists. http://acfsnet.org.
56
Fraud
Some accountants believe that ethics is a place in
England.
Essex, U.K.
------------------------------------------------------
A statement made by Mark Twain
about New England weather applies
to fraud and corruption:
“It’s hard to predict, but everyone
agrees there’s plenty of it.”
------------------------------------------As Sherlock Holmes said, “the game
is afoot.”
-------------------------------------------------Read My Lips; It’s The Fraud, Stupid.
57
Termites, Rust, and Fraud
• Just as termites never sleep, fraud never
sleeps.
• Just like termites, fraud can destroy the
foundation of an entity.
------------------------------------------------------------Like rust, fraud never sleeps.
------------------------------------------------------------"It is simply impossible to eliminate economic crime. It's
like fighting the mythical Hydra, cutting off one form of
fraud merely allows another to grow. Controls alone are
not enough. The answer lies in establishing a culture that
supports control efforts and whistle-blowing with clear
ethical guidelines. Companies need to build loyalty to the
organization which gives employees the confidence to do
the right thing, and identify clear sanctions for those who
commit fraud, regardless of their position in the
company."
Steven Skalak
58
White-Collar Crime: Rich
People Steal
• Edwin Sutherland coined the term
“white-collar crime.” [Indiana
University sociology professor.]
• Sutherland believed that whitecollar crime is a learned behavior,
a consequence of corporate culture
where regulations are regarded as
harassment, and profit is the
measure of the man.
• “White-collar crime violates trust
and thus creates distrust, and this
lowers social morale and produces
social disorganization on a large
scale.
Cynthia Crossen, “A Thirties Revelation: Rich People
Who Steal are Criminals, Too,” Wall Street Journal,
October 15, 2003, p. B-1.
59
FBI Crime Classification Manual
1. Personal Cause Homicide.
2. Sexual Homicide.
3. Group Cause Homicide.
4. Criminal Enterprise Homicide
•
•
•
•
•
•
•
•
•
Contract killing.
Gang-motivated.
Criminal competition.
Kidnap murder.
Product tampering.
Drug murder.
Insurance/ inheritance.
Felony-murder.
Commercial profit.
60
Red-Collar Crime
• A person who physically harms
someone that may have, or is on the
verge of detecting their fraudulent
behavior.
• Fraud-detection homicide.
• Myth: White-collar criminals not violent
criminals.
• Forensic accountants may be used in
a homicide investigation when fraud
detection may be the motive for the
murder.
• Fraud-detection motive may be
important when a prosecutor has
weak direct evidence.
Source: F.S. Perri and T.G. Lichtenwald, “A Proposed Addition to the FBI
Criminal Classification Manual: Fraud-Detection Homicide,” The
Forensic Examiner, Winter 2007, pp. 18-30.
61
Michael Comer’s Types of Fraud
Corruptions (e.g., kickbacks).
2. Conflicts of interest (e.g., drug/alcohol
abuse, part-time work).
3. Theft of assets.
4. False reporting or falsifying
performance (e.g., false accounts,
manipulating financial results).
5. Technological abuse (e.g., computer
related fraud, unauthorized Internet
browsing).
Comer’s Rule: Fraud can happen to
anyone at anytime.
1.
Source: M.J. Comer, Investigating Corporate Fraud,
Burlington, Vt.: Gower Publishing Co., 2003, pp. 4-5.
62
How Corruption Occurs
Category
Conflicts of
Interest
Bribery
Illegal Gratuities
Extortion
%
61.6%
42.7%
29.8%
16.9%
Source: 2006 Wells Report, ACFE.
63
TRUTH
Given the right pressures, opportunities, and
rationalizations, many employees are capable of
committing fraud.
Bev Harris says that fraudsters and embezzlers are
the nicest people in the world:
Wide-eyed mothers of preschoolers. Your
best friend. CPAs with impeccable resumes.
People who profess deep religious
commitments. Your partner. Loyal business
managers who arrive early, stay late, and
never take a vacation. And sometimes, even
FAMILY MEMBERS. So if you’re looking for a
sinister waxed mustache and shifty eyes,
you’re in for a surprise – scoundrels come in
every description.
Source: “How to Unbezzle A Fortune,” www.talion.com/embezzle.htm, p. 1.
64
Starwoods Hotels Poll of Executives
Starwoods Hotels interviewed 401
top executives who golf. The
results are surprising.
Consider themselves to be honest in
business
99%
Played with someone who cheats at
golf
87%
Cheated themselves at golf
82%
Hated others who cheated at golf
82%
Believe that business and golf behaviors
are parallel
72%
Source: Del Jones, “Many CEOs Bend The Rules (of Golf),”
USA Today, June 26, 2002, p. A-1.
65
The Cost of Fraud



Organizations lose 5 percent of
annual revenue to fraud and
abuse.
Fraud and abuse costs U.S.
organizations more than $652
billion annually (about $4,500
per employee).
The average organization loses
more than $12 a day per
employee due to fraud and
abuse.
Source: 2006 Wells Report
66
The Trillion Dollar Gorilla
(in Billions)
U.S. Business1
$256.32
Federal Government2
239.75
State Government3
354.21
Tax-exempts4
134.5
Local Government5
Annual Fraud (trillion)
68.4
$ 1.053
1. 2002 Statistics of Income, $1,281.6 trillion time 20%.
2. $2.3975 trillion budget times 10%
3. $3,542.1 million times 10%
4. $897 billion in revenue times 15%.
5. $684.6 billion times 10%.
67
Fraud Multiplier
Employee Fraud = $ for $ reduction in net
income
Suppose $100,000 bottom line reduction.
Suppose 20% profit margin
How much new revenue needed to offset
the lost income?
$100,000 = $500,000
20%
So ACFE says $652 billion lost per year (2006).
$652 billion = $3.26 trillion needed
20%
revenue
----------------------------------------------------The FBI estimates that white collar crime is
$300 billion each year in the U.S.
68
The Cost of Fraud (cont.)






Over 90% of occupational frauds
involve asset misappropriations.
Average length of a fraud scheme
is 15 to 24 months.
Most common way of detecting
occupational fraud is by tips from
employees, customers, vendors, or
anonymous sources.
Second way, by accident.
Third most common detection:
internal audit (2nd in 2004).
The most targeted asset is cash.
Source: 2006 Wells Report
69
Ernst & Young 2002 Survey
• More than 20 percent of the respondents were
aware of fraud in their workplace.
• Nearly 80 percent would be willing to turn in a
colleague thought to be committing a fraudulent
act.
• Employers lose a staggering 20 percent of every
dollar earned to some type of workplace fraud.
• More frequently committed frauds are theft of
office items, claiming extra hours worked, inflating
expense accounts, and taking kickbacks from
suppliers.
• Women are more likely than men to report
fraudulent activities.
• Older employees were more likely to report
fraudulent activities than younger employees.
Ernst & Young. “American Works: Employers Lose 20 Percent
of Every Dollar to Work Place Fraud.” (2002) Available at
http://www.ey.com/global/Content.nsf/US/Media_Release_-_0870
05-02DC
Advantage of Compliance Spending
General Counsel Roundtable
says that each $1 of compliance
spending saves organizations, on
the average, $5.21 in heightened
avoidance of legal liabilities, harm
to the organization’s reputation,
and lost productivity.
Source: Jonny Frank, “Fraud Risk Assessments,” Internal
Auditor, April 2004, p. 47.
71
Comparison of Selected Fraud Surveys
Type
Time Period
Number of participants
(population)
Response
Estimated fraud in U.S.
KPMG
PwC
ACFE
Questionnaire
Interview
Questionnaire
2005-2006
2005
2006
4,056 (6,797)
3,634
1,134 (11,112)
59.7%
Unknown
10.2%
Not given
$1.7 million per company
$652 billion (revenue)
% of companies experiencing
fraud
74% reporting
misconduct
45% tangible fraud
Unclear (100%)
Highest fraud industry
Public sector
Retail/ Consumers
Banking/ Financial
Services
Second highest fraud industry
Global Manufacturers
Financial Services
Government
Top – Fraud detection – Tips
Not given
28%
34.2%
Fraud detection – Internal audits
Not given
26%
20.2%
Fraud detection – by accident
Not given
6%
25.4%
Some recover of fraud
Not given
47%
57.9%
Gender of perps - male
Not given
87%
61%
Likely age
Not given
31-40 (38%)
41-50 (34.6%)
Fraud by senior mgt.
Not given
24%
20.9%
Fraud by Accounting dept.
Not given
Not given
30.3%
Fraud with undergraduate
degree
Not given
52%
45.6%
Best control measure
External audits
Hotlines/ surprise audit
Second best control measure
Internal audits
Internal audit
72
PWC 2007 Survey



Fraud's pervasiveness
 Over 43 percent of the companies interviewed
reported suffering one or more significant economic
crimes.
 The average loss from fraud per company
increased nearly 40 percent in two years from
roughly US$1.7 million in 2005 to approximately
US$2.4 million in 2007.
 Over 80 percent of our respondents who suffered fraud
also stated that this had caused damage — or
significant damage — to their business.
 No industry is immune from the threat posed by
economic crime although different sectors are
impacted by different types of fraud.
Management's impact
 The level of collateral damage is directly proportional
to the seniority of the perpetrator. In 29 percent of the
occasions where senior managers were involved, the
collateral damage to the brand was very significant.
Controls and culture
 Internal controls are not enough. An ethical corporate
culture plays an equally important role in deterring
fraud.
 Companies with both ethical guidelines and
compliance programs report suffering fewer economic
crimes.
73
PWC 2007 Survey (cont.)
.

Emerging markets
 Over 43 percent of the companies
interviewed reported suffering one or more
significant economic crimes in the past two
years.
 Companies in which parent and
subsidiaries employed different accounting
systems where more susceptible to fraud
(61 percent of cases) than those operating
a unilateral system (52 percent).
 E7 'experts' perceive significant risk
associated with levels of corruption, staff
integrity and legal environment in the
emerging markets.
 Actual levels of reported fraud in the E7
countries are consistently high in the area
of asset misappropriation.
 44 percent of IP infringement cases
(worldwide) that involved a perpetrator
overseas involved a perpetrator from China.
Source: PWC Global Economic Crime Survey
2007
97
Scienter Necessary
To prove any type of fraud,
prosecutors must show that scienter
was present.
 That is, the fraudster must have
known that his or her actions were
intended to deceive.
------------------------------------------------The allure of numbers to most of us, is
like the excitement of settling sand--a
narcoleptic surety. Crafty criminals
prey on this boredom. They pile on the
numbers, spewing meaningless
records in the false books.

Cory Johnson
75
Fraud
Legally, Black’s Law Dictionary defines fraud as:
All multifarious means which human ingenuity can
devise, and which are resorted to by one individual
to get an advantage over another by false
suggestions or suppression of the truth, and
includes all surprise, trick, cunning or dissembling,
and any unfair way by which another is cheated.
The four legal elements to fraud are
 A false representation or willful omission regarding
a material fact.
 The fraudster knew the representation was false.
 The target relied on this misappropriation.
 The victim suffered damages or incurred a loss.
---------------------------------------------------------------------
Institute of Internal Auditors definition:
Any illegal acts characterized by deceit,
concealment, or violation of trust. These acts
are not dependent upon the applications to
obtain money, property, or services; to avoid
payment or loss of services; or to secure
personal or business advantage.
76
How Fraud Occurs
Source: KPMG Fraud Study
77
Types of Fraud
Source: KPMG Fraud Study
78
Certain Fraud is Increasing
Source: KPMG Fraud Study
79
Occupational Fraud By Industry
Median
Loss ($)
Banking/ Financial Services
14.3%
258,000
Government/ Public
Administration
11.5%
82,000
Manufacturing
9.7%
413,000
HealthCare
8.6%
160,000
Insurance
7.5%
100,000
Retail
7.2%
80,000
Education
7.0%
100,000
Service (General)
5.8%
163,000
Service (Professional, etc.)
5.6%
300,000
Construction
3.4%
500,000
Utilities
3.3%
124,000
Oil/ Gas
3.1%
154,000
Real Estate
2.9%
200,000
Wholesale trade
2.9%
1,000,000
Mining
.01%
17,000,000
Source: 2006 Wells Report, ACFE.
80
One Piece at a Time
Johnny Cash
(1976)
81
One Piece At A Time
Well, I left Kentucky back in '49
An' went to Detroit workin' on a 'sembly line
The first year they had me puttin' wheels on cadillacs
Every day I'd watch them beauties roll by
And sometimes I'd hang my head and cry
'Cause I always wanted me one that was long and
black.
One day I devised myself a plan
That should be the envy of most any man
I'd sneak it out of there in a lunchbox in my hand
Now gettin' caught meant gettin' fired
But I figured I'd have it all by the time I retired
I'd have me a car worth at least a hundred grand.
CHORUS
I'd get it one piece at a time
And it wouldn't cost me a dime
You'll know it's me when I come through your town
I'm gonna ride around in style
I'm gonna drive everybody wild
'Cause I'll have the only one there is a round.
So the very next day when I punched in
With my big lunchbox and with help from my friends
I left that day with a lunch box full of gears
Now, I never considered myself a thief
GM wouldn't miss just one little piece
Especially if I strung it out over several years.
82
One Piece At A Time
The first day I got me a fuel pump
And the next day I got me an engine and a trunk
Then I got me a transmission and all of the chrome
The little things I could get in my big lunchbox
Like nuts, an' bolts, and all four shocks
But the big stuff we snuck out in my buddy's mobile home.
Now, up to now my plan went all right
'Til we tried to put it all together one night
And that's when we noticed that something was definitely
wrong.
The transmission was a '53
And the motor turned out to be a '73
And when we tried to put in the bolts all the holes were gone.
So we drilled it out so that it would fit
And with a little bit of help with an A-daptor kit
We had that engine runnin' just like a song
Now the headlight' was another sight
We had two on the left and one on the right
But when we pulled out the switch all three of 'em come on.
The back end looked kinda funny too
But we put it together and when we got thru
Well, that's when we noticed that we only had one tail-fin
About that time my wife walked out
And I could see in her eyes that she had her doubts
But she opened the door and said "Honey, take me for a
spin."
.
83
One Piece At A Time
So we drove up town just to get the tags
And I headed her right on down main drag
I could hear everybody laughin' for blocks around
But up there at the court house they didn't laugh
'Cause to type it up it took the whole staff
And when they got through the title weighed sixty pounds
CHORUS
I got it one piece at a time
And it didn't cost me a dime
You'll know it's me when I come through your town
I'm gonna ride around in style
I'm gonna drive everybody wild
'Cause I'll have the only one there is around.
(Spoken) Ugh! Yow, RED RYDER
This is the COTTON MOUTH
In the PSYCHO-BILLY CADILLAC Come on
Huh, This is the COTTON MOUTH
And negatory on the cost of this mow-chine there RED
RYDER
You might say I went right up to the factory
And picked it up, it's cheaper that way
Ugh!, what model is it?
Well, It's a '49, '50, '51, '52, '53, '54, '55, '56
'57, '58' 59' automobile
It's a '60, '61, '62, '63, '64, '65, '66, '67
'68, '69, '70 automobile.
84
Missing Fraud
Auditors will continue to miss fraud
because much of their work is predicted on
the assumption that separation of duties
prevents fraud (i.e., one person hold the
money and another person keeps track of
it). The Equity Funding case shakes the
foundations of auditing in that so much is
based on the assumption that people
don’t collude very long. These people
work together as an efficient team for a
very long time [9 years].
Lee Seidler
------------------------------------------“When the sun goes down, then the
sneaks will play at night.”
From Porter Wagoner “Sneaks Crawl at Night.”
85
The Perpetrators





First-time offenders.
Losses from fraud caused by
managers and executives were 3.5
times greater than those caused by
non-managerial employees.
Losses caused by men were 3 times
those caused by women. [53%
males; 47% females]
Losses caused by perpetrators 60
and older were 27 times those
caused by perpetrators 25 or
younger.
Losses caused by perpetrators with
post-graduate degrees were more
than 3.5 times greater than those
caused by high school graduates.
Source: 2002 ACFE Report
86
FBI Part 2 Offenses — Female
Embezzlement
 Fraud
 Forgery
 Larceny – theft
 Serial Killer (62)

41%
39%
36%
33%
20%
87
White-collar criminals have these
characteristics:








Likely to be married.
Member of a church.
Educated beyond high school.
No arrest record.
Age range from teens to over
60.
Socially conforming.
Employment tenure from 1 to
20 years.
Acts alone 70% of the time.
Source: Jack Robertson, Fraud Examination for
Managers and Auditors (1997).
88
Other Characteristics of Occupational
Fraudsters:

Egotistical

Risk taker

Hard Worker

Greedy

Disgruntled or a
complainer


Overwhelming
desire for personal
gain
Pressured to
perform
 Inquisitive
 Rule breaker
 Under stress
 Financial need
 Big spender
 Close
relationship with
vendors /
suppliers
Source: Lisa Eversole, “Profile of a Fraudster,” Some Fraud
Stuff,
http://www.bus.lsu.edu/accounting/faculty/lcrumbley/fraudste
r.html
89
Quotes
To be a forensic auditor, you have
to have a knowledge of fraud, what
fraud looks like, how it works, and
how and why people steal.
- Robert J. Lindquist
"Finding fraud is like using a metal
detector at a city dump to find rare
coins. You're going to have a lot of
false hits."
- D. Larry Crumbley
“Fraud can be best prevented by good
people asking the right questions at
the right time.”
- Michael J. Comer
90
“Finding fraud is like trying to load frogs
on to a wheelbarrow.”
Larry Crumbley
It’s easy to fall in love;
It’s easy to commit fraud;
It’s hard to catch the fraud.
91
Fraud Catching
Finding fraud is like trying to herd
cats and chickens.
There is a chicken catching
machine (150 chickens per
minute),* but there is no perfect
fraud catching machine.
D. Larry Crumbley
* PH2000 mechanical chicken harvester.
Scott Kilman, “Poultry in Motion: Chicken
Catching Goes High Tech,” Wall Street
Journal, June 4, 2003, p. A-1. Human can
catch about 1,000 an hour. $200,000 cost.
92
How Fraud Is Detected
2006
2004
1.
Tips
34.2%
39.6%
2.
By accident
25.4%
21.3%
3.
Internal audit
20.2%
23.8%
4.
Internal controls
19.2%
18.4%
5.
External audits
12.0%
10.9%
6.
Notification by police
3.8%
0.9%
Source: 2006/ 2004 Wells Reports, ACFE.
A British publication suggests that prosecutors think
that accountants have x-ray vision. “It is assumed
that if an accountant stares really hard at a set of
accounts, then somehow, magically, information will
appear before his/ her eyes that are invisible to lesser
mortals.”
NIFA News, Number 10, p.1.
93
Sources of Tips
1.
Employees
64.1%
2.
Anonymous
18.1%
3.
Customers
10.7%
4.
Vendors
7.1%
Source: 2006 Wells Report, ACFE.
94
Tips Are Important
Some of the biggest recent accounting
scandals (e.g., HealthSouth, Xerox, Waste
Management) involve situations where the
auditors were tipped off or otherwise
alerted to possible frauds but they failed to
investigate them deeply enough.
In her book Power Failure, Sherron
Watkins says she talked to Jim Hecker, at
Arthur Andersen, on the phone about the
dangers of the Raptors and Fastow’s
inherent conflict. Hecker wrote a memo to
the files and forwarded copies to David
Duncan and Enron’s audit partner, Debra
Cash. His note: “Here is my draft memo, for
your review, for ‘smoking guns’ that you can
not extinguish.” p. 285.
95
Finding Fraud In The Midst of a Conspiracy
When speaking about the fraud of HealthSouth, a
spokesman for Ernst & Young emphasized the
difficulty of detecting accounting fraud in the
midst of a conspiracy of senior executives and
false documentation.
An accountant testified that HealthSouth employees
would move expenses of $500 to $4,999 from
the income statement to the balance sheet
throughout the year. Overall the SEC said about
$1 billion in fixed assets were falsely entered. The
employees moved only those expenses less than
$5,000, because Ernst & Young automatically
looked at those expenses over $5,000.
An ex-bookkeeper even sent Ernst & Young an email flagging one area of the fraud, but E & Y still
did not catch it. Employees actually produced
false invoices when the accounting firm asked for
back-up.
Source: Charles Mollenkamp, “Accountant Tried in Vain to Expose
HealthSouth Fraud,” Wall Street Journal, May 20, 2003, pp. A-1
and A-13.
96
Quotes
You should attack fraud problems
the way the fictional Sherlock
Holmes approached murder cases
D. Larry Crumbley
--------------------------------------------
To be a good fraud auditor, you
have to be a good detective.
Source: Robert J. Lindquist
-------------------------------------------------------
Many lap-dog internal and
external auditors need to be
replaced with junkyard dogs.
D. Larry Crumbley
97
Difficult Task
More forensic techniques should
become a part of both external and internal
auditing. But Stephen Seliskar says that “in
terms of the sheer labor, the magnitude of
effort, time and expense required to do a
single, very focused [forensic] investigation
-- as contrasted to auditing a set of the
financial statements -- the difference is
incredible.” It is physically impossible to
conduct a generic fraud investigation of an
entire business.
Source: Eric Krell, “Will Forensic Accounting Go
Mainstream?” Business Finance Journal, October 2002,
pp. 30-34.
www.investigation.com/artilces/library/2002Articles/15.ht
m.
98
Kessler Survey (2001)
About 13% of employees are
fundamentally dishonest.
 Employees out-steal shoplifters.
 About 21% of employees are honest.
 But 66% are encouraged to steal if
they see others doing it without
repercussion.

Source: “Studies Show 13% of employees are fundamentally
dishonest,” KesslerNews, November 1, 2001,
www.investigation.com/articles/library/2001articles.
--------------------------------------------------------------------------------------


30% of people in U.S. are dishonest.
30% situational dishonest.
40% are honest all of the time.
Source: R.C. Hollinger, Dishonesty in the Workplace, Park Rider, N.Y.:
London House Press, 1989, pp. 1-5.
99
Little Has Changed: CFO Survey



Nearly half of CFOs – 47 percent – report
they still feel pressure from their superiors
to use aggressive accounting to make
results look better.
What is worrisome is that the pressure to
make the numbers hasn’t abated much. Of
these who have felt pressure in the past,
only 38 percent think there is less pressure
today than there was three years ago, and
20 percent say there is more.
Few finance executives have much
confidence in the numbers their colleagues
are reporting. Only 27 percent say that if
they were investing their own money, they
would feel “very confident” about the
quality and completeness of information
available about public companies.
Source: Don Durfee, “It’s Better (and Worse) Than You Think,” CFO Magazine, May 3, 2004.
100
Some Infamous Financial Statement Frauds

Tyco
•
•
•
•
•
•
•

Adelphia [Greek for brothers]
•
•
•

Moved debt to subsidiaries which were not consolidated.
Personal loans to the Rigas family (self-dealing).
Falsified operations statistics and inflated earnings.
Xerox
•
•

Large interest-free loans to officers; then forgiven ($87.1 million).
Unauthorized bonuses (no approval of BOD).
Fake documents showing no loans outstanding.
SEC found that PwC had prior knowledge of fraud back to 1998.
Undisclosed real estate transaction with related parties.
False entries in books to cover-up bribes given to foreign officials.
If numbers did not meet expectations, Richard Scrushy told
employees to “fix them.”
Accelerated revenues from leasing equipment.
Cookie jar reserves.
Sunbeam
•
•
•
•
Cookie-jar restructuring reserves.
Channel stuffing.
Guaranteed sales.
Improper bill and hold.
101
Some Infamous Financial Statement Frauds

Waste Management
•
•
•
•

HPL Technologies (2001-2002)
•
•
•

Reduced depreciation expense by inflating salvage value and
extending useful lives.
No write-offs for unsuccessful land projects.
Improperly capitalized a number of expenses.
Made top drawer adjustments.
Created many fake purchase orders from Canon sales (a
Japanese distributor). Printed and pasted Canon signatures on
the documents.
Altered bank records to create millions of dollars in nonexistence
customer payments.
Borrowed millions from his brokerage account (secured by HPL
stock) and channeled the funds into the company in the form of
payments.
Baptist Foundation of Arizona
•
•
•
•
Set up subsidiaries owned by insiders to buy real estate (which
had crashed in value) from BFA.
BFA then recorded notes receivables in the amount of the book
values.
Ran a ponzi scheme using new investors’ money to pay old
investors high returns.
Refused to give Arthur Anderson financial statements of the
subsidiaries.
102
D.R. Cressey’s Fraud Pyramid
Don’t think you’re the only ones
Who bend it, break it, stretch it some.
We learn from you.
Girls lie, too
Terri Clark
103
SAS No. 99 Characteristics of
Fraud
Incentives / pressures
Attitude /
Rationalization
Opportunity
104
Everyone Has A Price?
President Abraham Lincoln is supposed to have thrown a
man out of his office after being offered a bribe. The bribe
involved a substantial sum, and Lincoln was very angry. His
anger was directed at the man in question, but also at
himself. He is reputed to have said, “Every man has his
price, and he was getting too close to mine.”*
The “price” where a person will act dishonestly (e.g., steal,
cook the books) varies from person to person.
What is your price?
In a scene from the movie, The Family Man, an angel stands
behind the counter of a convenience store and takes a $1 bill
from a young woman who is purchasing a $0.99 beverage.
The angel counts out change for $10 and hands the
overpayment to the woman. The customer stares blankly at
the clerk, takes the money and the beverage, and leaves. The
angel is left to lament the lack of ethical behavior for just
$9. “Character, and for what, $9; that is so
disappointing”.**
* From a speech by Lynn Turner, former chief accountant of U.S.
Securities and Exchange Commission, given at the 39th Annual
Corporate Counsel Institute, Northwestern University School of Law,
October 12, 2000.
** MCA Home Video 2000.
105
Fraud Pyramid



Motive
 Excessive spending to keep up appearances of
wealth.
 Other, outside business financial strains.
 An illicit romantic relationship.
 Alcohol, drug or gambling abuse problems.
Opportunity
 Lack of internal controls.
 Perception of detection = proactive preventative
measure.
Rationalization (reduces offender’s inhibitions)
 “Borrowing” money temporarily.
 Justifying the theft out of a sense of being
underpaid. (“I was only taking what was mine.”)
 Depersonalizing the victim of the theft. (I wasn’t
stealing from my boss; I was stealing from the
company.”)
106
Psychology of Fraud

Fraud can be explained by three factors:
•
•
•
Supply of motivated offenders.
Availability of suitable targets.
Absence of capable guardians (e.g.,
internal controls).

The three B’s -- babes, booze, and bets.

Some fraudsters wish to make fools of
their victims. They take delight in the act
itself.

Risk of fraud is a product of both
personality and environmental (or
situational) variables.
Grace Duffield and Peter Grabosky, “The Psychology of Fraud,” Australian
Institute of Criminology, No. 19.
107
The Fraud Diamond
Incentive/ Pressures
Capacity
Opportunity
Rationalization/ Integrity
Capacity: Necessary traits; abilities; can pull it
off; positional authority
D.T. Wolfe and D.R. Hermanson, “The Fraud Diamond:
Considering The Four Elements of Fraud,” The CPA J.,
December, 2004, pp. 38-42.
108
Example of Greed (or Incentive)
Three Duke Energy employees were
charged in April 2004 for allegedly ginning up
“phony electricity and material-gas trades to
boost trading volumes” and inflating “profits
in a trading book that was the basis of their
annual profits.”
 “The trading schemes are alleged to have
inflated their bonuses by at least $7 million”
between March 2001 and May 2002. There
were 400 rigged trades that produced a $50
million profit in the trade books.
 Duke used mark-to-market accounting to
record profit and loss contracts that might not
be settled for years.
 So called “round-trips trades (or wash
sales) were used to jack up reported trading
volumes.

Source: Rebecca Smith, “Former Employees of Duke Charged Over Wash
Trades,” WSJ, April 22, 2004, p. A-15.
109
KPMG’s Causes or Indicators of Fraud
(1998)









Personal financial pressure.
Substance abuse.
Gambling.
Real or imagined grievances.
Ongoing transactions with related
parties.
Increased stress.
Internal pressures to meet
deadlines/budgets.
Short vacations.
Unusual hours.
Source: KPMG’s 1998 Fraud Survey
110
Rationalization
Sherron Watkins provides an
excellent comment about
rationalization with respect to
Enron’s Jeff Skilling and Andy
Fastow.
At what point did they turn
crooked? “But there is not a
defining point where they became
corrupt. It was one small step after
another, with more and more
rationalizations. There was a slow
erosion of values over time.”
Source: Pamela Colloff, “The WhistleBlower,” Texas Monthly, April 2003, p. 141.
111
Fraud’s Fatal Failings



85% of fraud victims never get
their money or property back.
Most investigations flounder,
leaving the victims to defend
for themselves against
counter-attacks by hostile
parties.
30% of companies that fail do
so because of fraud.
Source: Michael J. Comer, Investigating
Corporate Fraud, Burlington, VT: Gower
Publishing, 2003, p. 9.
112
Sarbanes-Oxley Act (7-30-2002)





Most significant change since 1934
Securities Exchange Act
New five-member Public Company
Accounting Oversight Board (PCAOB)
Authority to set and enforce auditing,
attestation, quality control and ethics
(including independencies) standards for
auditors of public companies.
Empowered to inspect the auditing
operations of public accounting firms that
audit public companies as well as impose
disciplinary and remedial sanctions for
violations of the board’s rules, securities
laws and professional auditing and
accounting standards.
Rotation of lead and concurring audit
partners every five years (5 year time-out
period).
113
Sarbanes-Oxley Act (7-30-2002)

Eight types of services outlawed:
+ Bookkeeping.
+ Information systems design and
implementation
+ Appraisals or valuation services, fairness
opinions, or contribution-in-kind-reports.
+ Actuarial services
+ Internal audit outsourcing
+ Management and human resources
services
+ Broker/dealer, investment adviser, and
investment banking services
+ Legal or expert services related to audit
services


Applies to foreign accounting firms filing
with SEC after July 15, 2006.
http://www.pcaob.us, to get free
subscription to PCAOB Update.
114
Sarbanes-Oxley Act of 2002








If you are going to be an auditor, you have to be an
auditor, not an auditor and a consultant [Senator Jack
Reed].
In order to be independent, an accounting firm should
not
 Audit ones own work.
 Function as part of management or an employee.
 Act as an advocate.
No limitations are placed upon accounting firms in
providing non-audit services to public companies they
do not audit or any private companies.
Audit services and non-audit services (e.g., tax) must be
pre-approved by the audit committee, if not prohibited
by the Act (before the service commences).
Auditor must report to the audit committee on a timely
basis.
Cooling off period of one year before a member of the
audit engagement team can begin working for the
registrant in certain positions.
There is no requirement to rotate the auditors.
There is discussion of requiring a forensic audit
irregularly. Harvey Pitt suggested this proposal.
115
SOX’s Effects on Smaller Firms
1.
Smaller firms have incurred higher SOXrelated costs.




2.
3.
4.
5.
6.
Larger increase in audit fees – ineffective internal
controls.
Complex standards affect smaller firms because
they lack in-house staff.
Larger firms stopped working with smaller firms.
Larger non-audit fees.
Directors fees much higher.
Potential benefits for smaller firms are
higher for small firms.
Overall, SOX imposes a net loss on all firms.
CEOs and CFOs spent as much as 90% of
their time on compliance, forcing them to
defer investments.
SOX reduced the value of small firms—no
effect or positive for large firms.
Source: E. Kamar, P.K. Mandic, and E. Talley, “SOX’s Effects on
Small Firms: What Is the Evidence?” June 2007.
116
Parallel Universe: Two Opinions
External auditors must do a regular
audit of a company (e.g., financial
statements are fairly stated) and must also
audit the internal controls that are to
ensure that the financial statements are
accurate (e.g., issue two opinions).
Prior to the external auditors’ arrival,
the company itself must review its internal
controls and issue a report on the
effectiveness of these controls.
There will be two external opinions: on
management’s assessment of the internal
controls over financial reporting and
another one on the effectiveness of the
internal controls themselves (e.g.,
statements are fairly stated).
PCAOB Release 2004-001.
117
Anti-Fraud Strategy





The company’s stance on fraud
and other breaches of the ethical
code.
What will be done and by whom in
the case that frauds or other
breaches are suspected.
The key initiatives which the
company proposes;
Who will lead these initiatives.
Clear deadlines and measures for
monitoring effectiveness of
implementation.
Source: David Davies, Fraud Watch, 2nd Edition., London, ABG
Professional Information, 2000, p. 77.
118
Anti-Fraud Program
An auditor must perform
“company-wide anti-fraud programs
and controls and work related to other
controls that have a pervasive effect on
the company, such as general controls
over the company’s electronic data
processing.”
Further, the auditor must
“obtain directly the ‘principal evidence’
about the effectiveness of internal
controls.”
PCAOB endorses the COSO
Cube [pp. 24-26 and A-25 and A-26]
Source: PCAOB Release 2004-001.
119
Frameworks Being Used by CFOs
• COSO
82%
• Auditing Standard No. 2
28%
• COBIT (Control/ Objectives
for Inf./ Related Technology)
33%
• SAS 55/78 (AICPA)
13%
• Others
2%
120
COSO CUBE
(5 components of internal controls)
121
The COSO Model
1.
2.
3.
4.
5.
Control environment – management’s
attitude toward controls, or the “tone at the
top.”
Risk assessment – management’s
assessment of the factors that could prevent
the organization from meeting its objectives.
Control activities – specific policies and
procedures that provide a reasonable
assurance that the organization will meet its
objectives. The control activities should
address the risks identified by management
in its risk assessment.
Information and communication – system
that allows management to evaluate
progress toward meeting the organization’s
objectives.
Monitoring – continuous monitoring of the
internal control process with appropriate
modification made as deemed necessary.
www.erm.cosous.org
122
COSO New Cube: Enterprise Risk Management
Source: erm.coso.org. See Apostolou and Crumbley, “ Sarbanes-Oxley
Fall-out Leads to Auditing Standards No. 2: Importance of Internal
Controls,” The Value Examiner, November/December 2004, pp. 55-60.
123
Management Control Philosophy

Fraudulent Financial Reporting more likely
to occur if

Firm has a poor management control philosophy.
Weak control structures.
Strong motive for engaging in financial statement
fraud.



Poor management philosophy:

Large numbers of related party transactions.
Continuing presence of the firm’s founder.
Absence of a long-term institutional investor.


Source: Paul Dunn “Aspect of Management Control Philosophy that
contributes to fraudulent Financial Reporting,” Journal of Forensic
Accounting, Vol. IV (2003), pp. 35-60
124
CONTROL ACTIVITIES

Segregation of Accounting Duties

Effective segregation of accounting
duties is achieved when the following
functions are separated:




Authorization—approving transactions and
decisions.
Recording—Preparing source documents;
maintaining journals, ledgers, or other files;
preparing reconciliations; and preparing
performance reports.
Custody—Handling cash, maintaining an
inventory storeroom, receiving incoming
customer checks, writing checks on the
organization’s bank account.
If any two of the preceding functions
are the responsibility of one person,
then problems can arise.
Source: Accounting Information Systems, 10e
Romney/Steinbart, PH
125
CONTROL ACTIVITIES
•
•
•
•
•
•
CUSTODIAL
FUNCTIONS
Handling cash
Handling
inventories, tools, or
fixed assets
Writing checks
Receiving checks in
mail
EXAMPLE OF
PROBLEM: A person
who has custody of
cash receipts and the
recording for those
receipts can steal some
of the cash and falsify
accounts to conceal the
theft.
SOLUTION: The pink
fence (segregation of
custody and recording)
prevents employees
from falsifying records
to conceal theft of
assets entrusted to
them.
•
•
•
•
RECORDING
FUNCTIONS
Preparing source
documents
Maintaining journals,
ledgers, or other files
Preparing
reconciliations
Preparing
performance reports
AUTHORIZATION
FUNCTIONS
• Authorization of
transactions
Source: Accounting Information
Systems, 10e Romney/Steinbart, PH
126
CONTROL ACTIVITIES
•
•
•
•
CUSTODIAL
FUNCTIONS
Handling cash
Handling
inventories, tools, or
fixed assets
Writing checks
Receiving checks in
mail
RECORDING
FUNCTIONS
Preparing source
documents
Maintaining journals,
ledgers, or other files
Preparing
reconciliations
Preparing performance
reports
•
•
•
•
•
•
AUTHORIZATION
FUNCTIONS
• Authorization of
transactions
EXAMPLE OF
PROBLEM: A person
who has custody of
checks for transactions
that he has authorized
can authorize fictitious
transactions and then
steal the payments.
SOLUTION: The green
fence (segregation of
custody and
authorization) prevents
employees from
authorizing fictitious or
inaccurate transactions
as a means of concealing
a theft.
Source: Accounting Information Systems, 10e Romney/ Steinbart,
PH
127
CONTROL ACTIVITIES
CUSTODIAL FUNCTIONS
• Handling cash
• Handling inventories,
tools, or fixed assets
• Writing checks
• Receiving checks in mail
•
•
EXAMPLE OF
PROBLEM: A person who
can authorize a transaction
and keep records related to
the transactions can
authorize and record
fictitious payments that
might, for example, be sent
to the employee’s home
address or the address of a
shell company he creates.
SOLUTION: The purple
fence (segregation of
recording and
authorization) prevents
employees from falsifying
records to cover up
inaccurate or false
transactions that were
inappropriately authorized.
RECORDING FUNCTIONS
• Preparing source
documents
• Maintaining journals,
ledgers, or other files
• Preparing reconciliations
• Preparing performance
reports
AUTHORIZATION
FUNCTIONS
• Authorization of
transactions
Source: Accounting Information Systems, 10e Romney/Steinbart, PH
128
Risk Assessment Benefits
A major step in a forensic audit is to
conduct a risk assessment, which entails a
comprehensive review and analysis of program
operations in order to determine where risks
exists and what those risks are.
Any operation developed during the risk
assessment process provides the foundation
or basis upon which management can
determine the nature and type of corrective
actions needed.
A risk assessment helps an auditor to
target high-risk areas where the greatest
vulnerabilities exist and develop
recommendations to strength internal controls
Source: B.l. Derby, “Data Mining for Improper Payments,”
Journal of Government Management, Winter 2003, Vol.52,
No. 4, pp. 10-13.
129
Fraud Risk Assessment
Ernst & Young report found that
organizations that had not
performed fraud vulnerability
reviews were almost two-thirds
more likely to have suffered a
fraud within the past 12 months.
J.W. Koletar, p. 167.
A company should have a fraud
risk assessment performed of
their controls, procedures,
systems, and operations. J.W.
Koletar, p. 166.
Sources: J.W. Koletar, Fraud Exposed, John Wiley &
Sons, 2003
130
Swimming Lanes
Mary Ben
Controls
Cash
X
Entries in
Books
X
Deposits
Checks
Does
Reconciling
Controls
Accounts
Receivable
Jane Sam
X
X
X
X
X
X
X
X
X
X
131
Sophisticated Approaches
1.
2.
3.
The Quad Method
The Staggered Box Method
The Chessboard Method
132
COSO Guidance
Risk Assessment Matrix
See COSO, “Guidance for Smaller
Public Companies,”
www.ic.coso.org
133
PCAOB’s AS2 Report:
Hindrances
1.
2.
3.
4.
5.
6.
7.
Failure to coordinate or integrate the
AS2 audit of internal controls with the
financial audit.
Doing detail testing before the top
down audit looking for the high risk
areas (e.g., fishing).
Inadequate consideration of the
unique risk factors of the company
(e.g., avoid the checklist mentality).
Do not audit the low risk areas.
Inefficient walkthroughs of
transaction controls.
Too little reliance on others.
Insufficient evaluation of
compensating controls when there is
a discovery of control deficiencies.
Inadequate testing of controls over
financial statement presentation and
disclosures.
134
GAP Analysis
Actual Internal Controls
Organization’s Stated Internal
Controls
Best Practice Internal Controls
135
SAS No. 99 Types of Fraud
Unlike errors, fraud is intentional and
most often involves deliberate
concealment of facts by management,
employees, or third parties

Fraudulent Financial Reporting: does
not follow GAAP (e.g., recording
fictitious sales)

Misappropriation of Assets:
embezzling receipts, stealing assets,
or causing an entity to pay for goods
or services that have not been
received.
Often accomplished by false or
misleading records or documents,
possibly created by circumventing
internal controls.
136
Fraudulent financial reporting may
occur by the following:
 Manipulation, falsification, or
alteration of accounting
records, or supporting
documents from which
financial statements are
prepared.
 Misrepresentation in or
intentional omission from the
financial statements of events,
transactions, or other
significant information.
 Intentional misapplication of
accounting principles relating
to amounts, classification,
manner of presentation, or
disclosure.
Source: SAS No. 99, “Consideration of Fraud in a
Financial Statement Audit,” New York: AICPA
137
SAS No. 99 Ways to Overcome the Risk of
Management Override of Controls



Examining journal entries
and other adjustments.
Reviewing accounting
estimates for bias,
including a retrospective
review of significant
management estimates.
Evaluating the business
rationale for significant
unusual transactions.
138
Parmalat Deceptions








Parmalat, an Italian diary company, had a
nonexistence Bank of America bank
account worth $4.83 billion. A SEC lawsuit
asserts that Parmalat “engaged in one of
the largest and most brazen corporate
financial frauds in history.”
Apparently, the auditors Grant Thornton
relied on a fake Bank of America
confirmation prepared by the company.
SAS No. 99 does not prohibit clients from
preparing confirmations.
The fraud continued for more than a
decade. At least $9 billion unaccounted for.
Therefore, the audited company should not
be in control of the confirmation process.
The owner treated the public company as
if it was his own bank account.
An unaware phone operator was the fake
chief executive of more than 25 affiliated
companies.
Some $3.6 billion in bonds claimed to be
repurchased had not really been bought.
139
Examples



Enron issued $1.2 billion of stock to
special purpose entities and recorded a
$1.2 billion notes receivable (rather than
a contra account to stockholders equity).
Both assets and owners equity were
overstated by $1.2 billion.
HealthSouth allegedly overstated profits
by at least $14 billion by billing Medicare
for physical – therapy services the
company never performed. The company
submitted falsified documents to
Medicare to verify the claims over 10
years.
E&Y collected $2.6 million from
HealthSouth (as audit-related fees) to
check the cleanliness and physical
appearances of 1,800 facilities. A 50point checklist was used by dozens of
junior-level accountants in unannounced
visits. For 2000, E&Y audit fee, $1.03
million; other fees, $2.65 million.
140
Journal Entries at Year End: Those Magic
Changes
Apparently, Arthur Andersen
was given
limited access to the general ledger at
WorldCom, which had a $11 billion fraud
(largest accounting fraud in history). Most of
the original entries for online costs were
properly placed into expense accounts.
However, near the end of the period these
entries were reversed. One such entry was as
follows:
Other Long-term Assets $629,000,000
Construction in Progress
$142,000,000
Operating Line Costs
$771,000,000
The support for this entry was a yellow postit note.
WorldCom’s outside auditors refused to
respond to some of Cynthia Cooper’s
questions and told her that the firm had
approved of some of the accounting methods
she questioned.
141
Those Magic Changes: Yellow Peril
 Fourth Quarter of 1999: "The $239 million
[international line cost accrual release] was
entered in WorldCom's general ledger ... The only
support recorded for the entry was
'$239,000,000,' written on a Post-it Note and
attached to a printout of the entry."
 Third Quarter of 2001: "Myers gave Sethi a Postit Note that said 'Assume $742 million.' Later,
Myers and Sethi had a conversation confirming
that $742 million identified on the Post-it Note was
the line cost capitalization entry for the quarter.”
http://thestreet.com/pf/markets/dumbestgm/10093441.html
----------------------------------------------------Those Magic Changes
“Oh my heart arranges, oh those magic changes,
oooh yeah.”
Grease
142
Yellow Peril
First Quarter of 2002: "In Capital Reporting,
Myers told Sethi to go see Vinson, who would
have the amount to be capitalized. When Sethi
did so, Vinson handed him a Post-it Note that had
the $818 million adjustment on it. Brian Higgins
once again refused to make the necessary
allocation for the first-quarter 2002 capitalization
entry. Despite his growing concerns, Sethi made
the allocation because he was concerned that his
immigration status would be jeopardized if he
lost his job."

First Quarter 2002: "$109.4 million was taken
from the general accrual account that Vinson set
up and reclassified to several SG&A balance
sheet accounts in five large, round-dollar
amounts. The only supporting documentation that
we were able to locate for these entries was a
Post-it Note listing the various SG&A accounts
and the amounts that should be taken from the
Vinson account."

http://thestreet.com/pf/markets/dumbestgm/10093441.html
143
Cooking-the-Books Often
Collaborative Effort
•
For restatements between January 1,
1997 to June 30, 2002, 45% were
accused of securities fraud and subject
to shareholder suits.
•
Average of 7 individuals were
implicated, including
CEOs
CFOs
COOs
General counsel
Directors
Internal/external auditors
Source: Robert Tillman and Michael Indergaard, Control Overrides
in Financial Statement Fraud.
144
WorldCom Fraud Massive






At least 40 people knew about the fraud.
They were afraid to talk.
Scott Sullivan handed out $10,000
checks to 7 involved individuals.
Altered key documents and denied
Andersen access to the database where
most of the sensitive numbers were
stored.
Andersen did not complain about denied
access.
Company officials decided what tax
rates they wanted and then used the
reserves to arrive at the tax rates.
Source: Rebecca Blumenstein and Susan Pullian,
“WorldCom Fraud Was Widespread,” Wall Street
J., June 10, 2003, p. 3.
145
Differences Between Auditing/Forensic Accounting
Auditing
Forensic
1. Recurring
2. Express an
opinion
1. Non-recurring
2. Resolve an
allegation or
deterrence review
3. Follow consulting
standards
4. Materiality not
important
5. Detailed financial
analysis
6. Establish scienter
3. Follow GAAS
and SAS 99
4. Materiality
important
5. Sampling activity
6. Use professional
skepticism
7. Audit program
7. No set of rules
146
Financial Audit v. Forensic Audit
The typical financial audit is a
sampling activity that doesn’t look at every
transaction and can therefore be exploited by
someone who knows how to rig the books.
Forensic accounting focuses on a
specific aspect of the books and examines
every digit. While the average accountant is
trying to make everything add up, a forensic
accountant is performing a detailed financial
analysis to find out why everything doesn’t or
shouldn’t add up.
It’s a far more time-consuming
enterprise and can be significantly more
expensive than regular auditing work.
Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,
http://www.phoenix.edu/students/future/oldissues/Winter2004/fra
ud.htm
147
Pre SAS 99
Consulting
Standards
Auditing
Standards
Traditional
Investigatio
n
Traditional
Audit
Post SAS 99
Auditing
Standards
Consulting
Standards
Traditional
Investigation
Forensic
Procedures
in the Audit
Environment
SAS 99
Source:AICPA, “Forensic Services, Audits, and Corporate
Governance: Bridging the Gap,” Discussion Memorandum,
2004.
148
Steps Toward Forensic Audit




Traditional audit [forensic
techniques & fraud prevention
program].
If suspect fraud, bring in-house
forensic talent into the audit.
If no in-house talent or fraud
complex, engage an outside
forensic accountant (e.g., Cr.FA,
CFFA, or CFD).
As audit moves toward forensic
investigation, auditor must
comply with litigation services
standards (consulting).
149
Inexperienced Forensic Auditors

Find out who did it. Do not worry about
all the endless details.

Be creative, think like the fraudster, and
do not be predictable. Lower the
auditing threshold without notice.

Take into consideration that fraud often
involves conspiracy.

Internal control lapses often occur
during vacations, sick outages, days off,
and rest breaks, especially when
temporary personnel replace normal
employees.
H. R. Davia, Fraud 101, New York: John Wiley & Sons, 2000, pp.
42-45.
150
Types of Forensic Engagements







Determine if fraud is occurring.
Support criminal or civil action against
dishonest individuals.
Form a basis for terminating a
dishonest employee.
Support an insurance claim.
Support defense of an accused
employee.
Determine whether assets or income
were hidden by a party to a legal
proceeding (such as a bankruptcy or
divorce).
Identify internal controls to prevent it
from happening again.
Source: D.R. Carmichael, et. al, Fraud Detection, 5th,
Fort Worth: Practitioners Publishing, 2002, p. 2 – 4.
151
Two Major Types of Fraud
Investigations


Reactive: Some reason to
suspect fraud, or occurs after a
significant loss.
Proactive: First, preventive
approach as a result of normal
operations (e.g., review of
internal controls or identify
areas of fraud exposure). There
is no reason to suspect fraud.
Second, to detect indicia of
fraud.
Source: H.R. Davia, “ Fraud Specific Auditing,” Journal of
Forensic Accounting, Vol. 111, 2002, pp. 111-120
152
Proactive Is Beneficial

The threat of a future investigation reduces
the occurrence of fraudulent behavior from
75% to only 43%.

The larger the pay-off, the more likely a
person will commit fraudulent behavior.

Give the fox a key to the hen house and he/
she is going to eat hens.
Source: S. L. Tate et. al, “The Small Fraud Paradigm: An
Examination of Situational Factors That Influence the
Non-Reporting of Payment Errors,” J. of Forensic
Accounting, Vol.7, 2006, p. 406.
---------------------------
The greater the risk of detection, the less
likely a person is to violate the law.
Jeremy Bentham
18th Century Philosopher
153
Proactive vs. Reactive Approaches
Proactive approaches include
 Effective internal controls,
 Financial and operational
audits,
 Intelligence gathering,
 Logging of exceptions, and
 Reviewing variances.
Reactive detection techniques
include
 Investigating complaints and
allegations,
 Intuition, and
 Suspicion.
Jack Bologna and Robert Lindquist, Fraud Auditing and Forensic Accounting,
2d Edition, New York: John Wiley, 1995, p. 137.
154
Proactive Is Best



When the IRS began requiring banks
to issue Form 1099s reporting interest,
the reported interest income increased
by $8 billion (even though for 3 years
the IRS did not have computer
matching capacity).
When the IRS began to require
taxpayers to list a social security
number for dependents, the next year
the number of reported dependents
dropped by seven million. More than
11,000 of these taxpayers claimed
seven or more dependents in 1986, but
they claimed none in 1987.
When the IRS began to require
taxpayers to list a name, address, and
social security number for babysitters,
two years later 2.6 million babysitters
disappeared.
155
Fraud Deterrence Better Than Fraud
Investigation
1.
2.
3.
4.
5.
Fraud deterrence less
expensive.
Deterrence is more
comprehensive.
Fraud deterrence produces
greater savings.
Deterrence is faster.
Fraud deterrence promotes
better customer relations.
Daniel Finnegan, “Deterring Fraud,” Quality Planning
Corporation, 1991.
156
Is Company Proactive?










Fraud hotline (reduce fraud losses
by 50% re Wells 2002 Report).
Suggestion boxes.
Make everyone take vacations.
People at top must set ethical
tone.
Widely known code of conduct.
Check those employee references.
Reconcile all bank statements.
Count the cash twice in the same
day.
Unannounced inventory counts.
Fraud risk assessment (CFD).
157
$7.4 Billion Losses at Societe Generale
•
•
•
•
•
•
•
•
Jerome Kerviel evaded all of the French bank’s
controls to bet $73.5 billion on European markets –
more than the bank’s market value. Six year
employee; junior employee.
Kerviel reported to work early, stayed late, and took
only 4 days off in 2007. In France six weeks of
vacation is fashionable.
Starting in early 2005, he made small unauthorized
trades. The bank missed the illicit trades and the red
flags.
Kerviel described growing increasingly daring after no
one at the bank detected a series of small,
unauthorized trades that he placed.
He entered fictitious and offsetting trades to minimize
the odd of big losses.
He stole other people’s computer access codes,
falsified documents, and employed other methods to
cover his tracks.
He had an excellent understanding of the bank’s
processing and control procedures so he could
circumvent all of the controls.
His motive: quest for glory and a bonus.
158
Some Hints











Need to really understand the
business unit. What they really do.
Have a mandatory vacation policy.
Rotation of assignments.
Have a written/signed ethics policy.
Do things differently each time you
audit a unit.
Do not tell client what you are
doing.
Hard to find fraud in the books.
Look/listen. Look for life style
changes.
Do not rely on internal controls to
deter fraud.
Auditors must have control of the
confirmation process.
Careful of related parties.
Careful of “trusted” employees.
159
Stamp Mates







Afinsa, a Spanish stamp company,
controls 72% of Escala, a U.S. company
(formerly Greg Manning Auctions).
Escala says all sales to Afinsa takes place
at independent established prices.
But Escala’s reported gross margin on
stamp sales to Afinsa exceeds 44% [like
land flipping].
Compared to less than 14% on those to
other clients.
Therefore, Escala was manipulating the
value of stamps sold to Afinsa to
artificially boost its own bottom line.
Escala’s stock fell from $32 to $5 in five
days after the May 8, 2006 arrests of
seven executives. Police found $12.6
million behind one dealer’s freshly
plastered walls in his home (e.g.,
unreported profits?).
Escala owns A-Mark Precious Metals,
which buys and distributed more than
one-half of the gold coins handed each
year by the U.S. mint.
160
Fraud Deterrence Review
Analysis
of selected records and
operating statistics.
Identify operating and control
weaknesses.
Proactively identify the control structure
in place to help prevent fraud and
operate efficiently.
Not an audit; does not express an
opinion as to financial statements.
May not find all fraud especially where
two or more people secretively agree to
purposely deceive with false statements
or by falsifying documents.
[Always get a comprehensive, signed
engagement letter defining objectives.]
161
Fraud Detection Process
Discuss facts and objectives with client/attorney (e.g.,
conflict of interests).
2.
Evaluation whether to accept the engagement.
3.
Prepare a work program.
4.
Develop time and fee schedule.
5.
Obtain approval of work program, staff assignments,
and fee estimates.
6.
Obtain an engagement letter.
7/8. Identify fraud exposures and symptoms.
9/10. Evaluate evidence obtained and determine if more
evidence is needed.
11/12. Search for and evaluate additional evidence.
13.
Discuss preliminary findings with client/attorney.
14.
Draft a final report.
15.
Review the report and work papers.
16.
Resolve professional disputes.
17.
Clear review points and open items.
18.
Communicate report or findings.
19.
Help attorney prepare court case/testify.
20.
Perform follow-up procedure.
21.
File work papers/report.
1.
Source: Carmichael et. al, PPC Fraud Detection, Vol.1, Ch. 2 (2002).
162
Financial Audit v. Forensic Audit
“ During one investigation, we found in the auditing
working papers written in the margin of the
internal audit working papers by the internal audit
manager: ‘Conceal from bankers,’ says Nicholas L.
Feakins, CPA, partner at San Mataeo, Calif based
forensic accounting firm Feakins & Feakins. “ It
sounds amazing, but the [third-party] auditors has
put B-level staff on the project who simply didn’t
read the documents and missed it.”
----------------------------------------------------------------MiniScribe, one of the world’s largest disk-drive
makers, which in the late 1980s was
surreptitiously shipping bricks instead of disk
drives to the Far East and receiving credit from the
bank for the amount of the shipments. “After all,”
he says “it’s going to be 90 days until they ship the
brick back to you. “MiniScribe’s public accounting
firm, Coopers & Lybrand, didn’t catch the falserevenue scam during its regular audits-but a
forensic accountant did.”
Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,
http://www.phoenix.edu/students/future/oldissues/Winter2004/fra
ud.htm
163
Materiality Unimportant
“Auditing is governed by materiality. In
investigative accounting, it is the opposite.
I am looking for one transaction that will be
the key. The one transaction that is a little
different, no matter how small the
difference, and that will open the door.”
Lorraine Horton, owner of L. Horton & Associates in Kingston, R.I.
-----------------------------------------------------------------------------------------------------
“Fraud usually starts small. It begins with little
amounts, because the perpetrator is going
to test the system. If they get away with it,
then they keep on increasing and
increasing it.”
Robert J. DiPasquale
Source: H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
Accountant, February 2004, pp. 23-28.
164
Forensic Accounting v. Auditing
“Forensic accounting is very different from
auditing in that there is no template to use.
There are no set rules. You don’t know when
you go into a job how it is going to be.”
Lorraine Horton, Kingston, R.I
------------------------------------------------------------------------------
“Forensic accounting “is a very competitive
field. What is interesting is that you may be a
good accountant, but not a good forensic
accountant. The training and the way you look
at transactions are different.”
Robert J. DiPasquale, Parsippany, N.J.
---------------------------------------------------------“Unlike auditing, lower-level staff often can’t
be used for an engagement. They normally will
not spot anything out of the ordinary, and an
experienced person should be the one testifying
as well as doing the investigative work.”
Lorraine Horton, Kingston, R.I.
Source; H.W. Wolosky, “Forensic Accounting to the Forefront,”
Practical Accountant, February 2004, pp. 23-28.
165
SAS No. 99 Recommendations





Brainstorming.
Increased emphasis on professional
skepticism.
Discussions with management.
Unpredictable audit tests.
Responding to management override of
controls.
166
SAS No. 99: SKEPTICISM



An attitude that includes a
questioning mind and a critical
assessment of audit evidence.
An auditor is instructed to conduct
an audit “with a questioning mind
that recognizes the possibility that
a material misstatement due to
fraud could be present, regardless
of any past experience with the
entity and regardless of the
auditor’s belief about
management’s honesty and
integrity.”
“Things are not always as they
appear, sonny boy.” James
Patterson, Honeymoon, Warner
Books, 2006.
167
SKEPTICISM
Ronald Reagan said with respect to
Russia, “Trust, but verify.”
FA’s motto should be “Trust no
one; question everything; verify.”
-----------------------------------------------------
This ain’t my first rodeo
I didn’t make it all the way through
school.
But my mama didn’t raise no fool.
I may not be the Einstein of our time.
But honey, I’m not dumb and I’m not
blind.
Vern Gosdin
168
BE SKEPTICAL







Assume there may be wrong
doing.
The person may not be
truthful.
The document may be altered.
The document may be a
forgery.
Officers may override internal
controls.
Try to think like a crook.
Think outside
the box.
169
SAS No. 99: Brainstorming
Aims to make the auditor’s consideration
of fraud seamlessly blended into the
audit process and continually updated
until the audit’s completion.
Brainstorming is now a required
procedure to generate ideas about how
fraud might be committed and
concealed in the entity.
 No ideas or questions are dumb.
 No one owns ideas.
 There is no hierarchy.
 Excessive note-taking is not allowed.
Source: Michael Ramos, “Auditors’ Responsibility for Fraud
Detection,” J. of Accountancy, January, 2003, pp. 28 – 36.
170
More Brainstorming
 Best
to write ideas down, rather than say
them out loud.
 Take plenty of breaks.
 Best ideas come at the end of session.
 Important to not define the problem too
narrow or too broad.
 Goal should be quantity, not quality.
 Geniuses develop their most innovative
ideas when they are generating the greatest
number of ideas.
 No such things as bad ideas.
 Many companies are great at coming up
with good ideas, but lousy at evaluating and
implementing them.
Source: A.S. Wellner, “Strategies: A Perfect Brainstorm,” Inc.
Magazine, October 2003, pp. 31-35
171
How Management Overrides Controls
(SAS No. 99)



Recording fictitious journal
entries (especially near end of
quarter or year).
Intentionally biasing
assumptions and judgments
used to estimate accounts
(e.g., pension plan
assumptions or bad debt
allowances).
Altering records and terms
related to important and
unusual transactions.
172
Wildcatting
The SEC has recently adopted the
proactive strategy of “wildcatting”
where investigations into entire
industries and business sectors are
begun after evidence emerges from
only one company in the group
regarding financial reporting problems.
Over time, the PCAOB will probably
be able to identify peculiarities within
existing or evolving industries that
require either standard setting or
regulatory attention, or both.
Source: Berton, L., “U.S. Accounting Watchdogs Try to Shut Barn Door,”
Bloomberg.com, April 2, 2004; J.H. Edwards, “Audit Committees: The Last
Best Hope,” Journal of Forensic Accounting, Vol. IV (2004), pp. 1-20.
173
Walkthroughs
An auditor must perform a walkthrough of a
company’s significant processes (each major
class of transactions).
Can not be achieved secondhand.
According to PCAOB, in a walkthrough an auditor
traces “company transactions and events – both
those that are routine and recurring and those
that are unusual – from origination, through the
company’s accounting and information systems
and financial report preparation processes, to
their being reported in the company’s financial
statements.”
Auditors should perform their own walkthroughs
which provides auditors with appropriate
evidence to make an intelligent assessment of
internal controls.
Source: PCAOB Briefing Paper, Proposed Auditing Standards, October 7, 2003.
174
Slot Machine Example
175
Revenue Flows
176
Wandering Around
• Informal observations while in the
business.
• Especially valuable when assessing the
internal controls.
• Observe employees while entering and
leaving work and while on lunch
break.
• Observe posted material, instructions,
job postings.
• Observe information security and
confidentiality.
• Observe the compliance with
procedures.
• Appearance is not necessarily reality.
Man of La Mancha
177
New Terms in Financial Reports:
Deficiencies Have No Bright Lines
Control deficiency – one that might allow a
bad number to get into the financial
reports (e.g., the likelihood that a
company misstates reports is remote– 1
out of 20).
Example: company does not check
changes made by a salesman in a minor
contract.
Significant deficiency – more serious flaw
or a number of flaws that increase the
chances that wrong numbers will
significantly distort financial statements
(e.g., more than remote).
Example: company not checking for
changes to terms of several key
contracts.
Need only to report to BOD, but some
companies are making them public.
178
Deficiencies Have No Bright Lines
Material weakness – deficiencies are so
bad that there is more than a remote
change of a material misstatement in
financial statements.
Example: a bank does not regularly
check for errors in estimating loan-loss
expenses (i.e., Fannie Mae reported a
$1.3 billion error from its computer
model, many in an uncontrolled
environment).
They must be reported.
David Henry, “How Clean Are the Books?” Business Week, March 7,
2005, pp. 108-109.
----------------------------------------------------Firms that reported material
weaknesses in tax accounting lost an
average of 5.8% of their stock value 60
days after the announcement.
----------------------------------------------------As of 11-14-05, 695 companies have
disclosed material weaknesses in their
annual report.
179
Material Weakness Areas
AREAS OF FAILURE
2005
2004
Tax accruals/ deferrals
34.5%
32.0%
Revenue recognition
28.4
31.3
Inventory/ vendor cost of sales
23.7
27.4
Fixed/ Intangible assets
16.0
18.6
Leases or contingencies
9.3
16.8
Cash flow (FAS 95 error)
8.8
--
Consolidation (Fin 46 issues)
6.7
9.0
* 10% of corporate filers in 2005 and 16% in
2004.
Source: AuditAnalytics.com
180
Law Suits Few So Far
• Companies reporting problems with internal
controls have not seen a big increase in class-action
lawsuits, according to a study by Deloitte & Touche
between November 2003 and August 2004.
• Deloitte said only 6% of the 290 companies
reporting internal-control flaws were sued.
• 52% of the firms had material weakness in their
internal controls.
• These internal control announcements did not
seem to send prices downward.
• Highest incidence of internal controls:
-computer-software firms
-manufacturers
-health-care and pharmaceutical companies.
- financial-services firms
-telecommunication companies.
Source: Judith Burns, “Few Firms Are Sued Over Flaws in Internal
Controls, Study Finds, WSJ, December 29, 2004, p. B-5.
181
Think Like A Crook




Know your enemy as you know yourself,
and you can fight a hundred battles with
no danger of defeat.” Chinese Proverb.
Military leaders study past battles.
Football and basketball teams study
game films of their opponents.
Chess players try to anticipate the moves
of their opponent.
Examples: If contracts above $40,000 are
normally audited each year, check the
contracts between $30,000-$40,000.

FAs must learn the tricks of the trade as
well as the trade.
182
Think Outside the Box
American astronauts returning from
space complained that they could
not write with their pens in zero
gravity. NASA set aside $1 million
to develop a sophisticated pen that
would function in space.
The Russians encountered the same
problem. What did they do?
183
Three Major Phases of Fraud
The Act itself.
2. The concealment of the fraud (in financial
statements).
3. Conversion of stolen assets to personal use
(interest free loans to Tyco executives
forgiven).
One can study any one of these phases.
1.
Examples:
 Things being stolen: conduct surveillance
and catch fraudster.
 If liabilities being hidden, look at financial
statements for concealment.
 If fraudster has unexpected change in
financial status, look for source of wealth.
Source: Cindy Durtschi, “The Tallahassee Bean
Counters: A Problem-Based Learning Case in
Forensic Audit,” Issues in Accounting Education, Vol.
18, No. 2, May 2003, pp. 137-173.
184
The Methods



Asset misappropriation
accounted for more than four out
of five offenses or 91.5% in
2006 (92.7% in 2004).
$150,000
Bribery and corruption
constituted about 30.8% in 2006
(30.1% in 2004) of offenses.
($538,000)
Fraudulent statements were the
smallest category of offense
10.6% in 2006 (7.9% in 2004)
(most costly). $2 million per
scheme.
Source: 2006 Wells Report, ACFE.
185
Fraudulent Disbursements



Fraudulent disbursements
account for three-quarters of
the losses, and the most
expensive tend to be
fraudulent disbursements
through billing schemes (45%).
Therefore, internal auditors
seeking to get the biggest bang
for their investigative bucks
should begin by making sure
company vendors are for real.
Check tampering (30%).
Source: J.T. Wells, “An Unholy Trinity,” Internal
Auditor, April 1998, p. 33.
186
Restatements of Financial Statements
2006
2005
2004
1,420 (10%)
1,225(8.6%)
650
2003
514
2002
330
2001
270
1999
216
1998
158
Reasons for 2004 restatements:
1. Revenue recognition.
2. Equity accounting.
3. Revenues, accruals, contingencies.
•
•
15% were repeat filers.
Arthur Andersen had averaged 11 restatements
before 2002. In 2002, they had 40, with 26 after
new auditors were retained.
Source: Greg Farrell, “Restatements of Earnings in 2005 to Break
Record,” USA Today 12/29/2005; Stephen Taub, CFO.com, March 3, 2006.
187
Class Action Securities Fraud Actions
Year
Year
2006
114
2000
215
2005
181
1999
208
2004
233
1998
240
2003
223
1997
175
2002
267
1996
112
2001
497
1995
188
Although the number of shareholder class
action lawsuits have gone down,
settlements are now much bigger (average
$65 million). Unions and retirement funds
are playing an increasing role, resulting in
much higher settlements.
Stanford Law School Securities Class Action Clearing House,
securities.stanford.edu/index.html; “Classier Actions,” The Economist, February 17,
2007, pp. 76-77.
188
Auditors Must be Alert for:






Concealment
Collusion
Evidence
Confirmations
Forgery
Analytical relationships
Source: Gary Zeune, “The Pros and Cons.”
----------------------------------------------“Things are not what you think they
are.” Al Pacino, “The Recruit.”
189
An Average of Seven People Involved
Authors Robert Tillman and
Michael Indergaard found that of
the 834 companies that issued
restatements between January 1,
1997 and June 30, 2002, 374 or
45% were accused of securities
fraud.
 An average of 7 persons were
normally involved – CEOs, CFOs,
COOs, general counsel, directors,
and internal and external auditors.

190
Measures Helpful in Preventing Fraud
1.
2.
3.
4.
5.
6.
7.
8.
9.
Strong Internal Controls (3.66)
Willingness of companies to
prosecute (3.44)
Regular fraud audit (3.40)
Fraud training for auditors (3.33)
Anonymous fraud reporting
mechanisms (3.27)
Background checks of new
employees (3.25)
Established fraud policies (3.12)
Ethical training for employees (2.96)
Workplace surveillance (2.89)
Source: 2004 Wells Report
191
Anti-Fraud Measures –
Months to Detect – Median Loss
YES
NO
1.
Hotlines
$100,000
(15)
$200,000
(24)
2.
Internal audits
$120,000
(18)
$218,000
(24)
3.
External audits
$181,000
(23)
$125,000
(18)
4.
Surprise audits
$100,000
(15)
$200,000
(24)
5.
Fraud awareness/
Ethics Training
$100,000
(15)
$200,000
(24)
Source: 2006 Wells Report, ACFE.
192
Code of Ethics Required by Sarbanes-Oxley
Section 406: Public issuer has to
adopt a code of ethics for senior
financial officers to deter wrong –
doing and to promote
1.
Honest and ethical conduct.
2.
Full, fair, accurate, timely and
understandable disclosure in SEC
filings.
3.
Compliance with government
laws, rules, and regulations.
4.
Prompt internal reporting code
violations;
5.
Accountability for adherence to
the code.
193
More Hints …









Check employee
references/resume.
Stop giving the employee/client the
answer when you ask a question.
Zero tolerance for allowing
employee/executive to get away
with anything.
Always reconcile the bank
statements.
Try to think like a criminal.
Get inside the criminal’s mind. Be a
detective.
Do not assume you have honest
employees.
Bond employees.
Uni-ball gel pens.
Source: Gary Zeune
194
Auditing Hints
• SAS No. 99 does not require auditors to make
inquiries of “others,” as opposed to
management. Auditors must talk to and
interview others below management level. If
asked, employees may be willing to report
suspicious activities.
• Use independent sources for evaluating
management (e.g., financial analysts). Surf
the internet.
• Auditors need to follow the performance
history of managers and directors.
• If a company has an anonymous reporting
system, obtain information about the
incidents reported and consider them when
assessing fraud risk.
• Be sure to perform analytical procedures, and
the work should be reviewed by senior
members of the audit team.
195
Auditing Hints (cont.)
• Auditors should select sample items below
their normal testing scope (e.g., HealthSouth).
• Fraud procedures should be more than
checklists. Audits should focus on finding and
detecting fraud.
• Ask for and review all “top drawer” entries.
• Ask for and review all side agreements.
196
Check References and Resume
Fraud 101: Fraudsters can
change their job and address, but
they can not change who they
are.
197
Integrity Testing




Pre-employment drug testing.
Post-employment drug testing
more sensitive.
Pre-employment polygraph tests
prohibited by 1988 Act (Federal,
State, Local Governments and
Federal Contractors exempted
from the Act).
Written integrity tests.
198
Lavish Executive Pay



Many of the companies indicted by
the SEC after Enron had one thing
in common: CEOs were making
about 75% above their peers.
The common thread among the
companies with the worst corporate
governance is richly compensated
top executives, as per the
Corporate Library, Portland, Maine
governance-research firm. Hefty
pay checks and perks to current or
former chief executives.
Poor BODs have in common: an
inability to say no to current or
former chief executives.
Source: Monica Langley, “Big Companies Get Low
Marks for Lavish Executive Pay,” Wall Street J.,
June 9, 2003, p. C-1.
199
Impaired Independence
The independence of the auditor will probably be
impaired and reduce the quality of financial
statement audits, if any of the following conditions
occur during financial statement audits:
1)
2)
3)
4)
5)
auditor’s excessive personal loyalty to the audit
client,
auditor’s fear of losing client to a competitive CPA,
auditor’s fear of a lawsuit if CPA withdraws from
audit engagement,
auditor’s fear of harming client with audit opinion
other than unqualified, and
auditor’s conflict between consulting and auditing
services offered.
G. D. Moyes and A. Anandarajan, “CPAs’ Perceptions of Factors Influencing the
Quality of Financial Statement Audits: Substandard Performance and Impaired
Independence,” J. of Forensic Accounting, Vol. 7, 2006, p. 133.
200
Earnings Management
Earnings management may be defined as
the “purposeful intervention in the external
financial reporting process, with the intent
of obtaining some private gain.”
– Katharine Schipper, “Commentary on Earnings
Management,” Accounting Horizon, December 1989, p. 92.
Earnings management occurs when
managers use judgments in financial
reporting and in structuring transactions to
alter financial reports to either mislead some
stakeholders about the underlying economic
performance of the company, or to influence
contractual outcomes that depend on
reported accounting numbers.
P. Healy and J. Wahlen
201
Earnings Management
The difference between earnings
management and financial
statement fraud is the thickness of
a prison wall.
D. Larry Crumbley
The difference between earnings
management and financial
statement fraud is like the
difference between lightning and a
lightning bug.
D. Larry Crumbley
202
Capital Market Incentives to
Manage Earnings
1.
2.
3.
4.
5.
6.
7.
8.
9.
Management buyout firms, on average, manage their
earnings downward prior to the buyout.
Roughly 12 percent of firms making seasoned or initial
equity offerings manage their earnings upward by about 5%
of total assets prior to the offers.
Firms who are in danger of failing to meet management
earnings forecasts, on average, manage their earnings
upward prior to releasing the annual earnings figure.
Firms, on average, manage their earnings to meet or beat
expectations of financial analysts.
Firms that meet or beat analysts’ expectations earn about
8% incremental annual market-adjusted returns relative to
firms that fail to do so.
Firms with zero or a positive earnings surprise earn
incremental quarterly returns of 2.3%, and firms with
positive earnings surprise earn further incremental quarterly
returns of 3.4%.
About 40% of firms confronted with reporting slight losses
tend to manage their earnings in order to report positive
earnings.
About 12% of firms confronted with reporting slight earnings
decreases tend to manage their earnings in order to report
small earnings increases.
Investors do not see through most earnings management as
evidenced by the fact that firms flagged for earnings
management by regulators show an average stock price
decline of 9%.
Source: Masser Spears, “The Impact of Earnings Mgt. on the Credibility of
Corporate Financial Reporting,” Petroleum Acctg. and Financial
Mgt., Summer 2007, pp. 47-48.
203
Contracting Incentives to
Manage Earnings
1.
There is no evidence of earnings
management behavior by firms close to their
dividend covenant. Instead, these firms tend
to manage their cash flows.
2.
There is inconclusive (mixed) evidence of
earnings management behavior by firms to
other debt covenants, such as interest
coverage or leverage ratios.
3.
Some managers manipulate earnings to
increase bonus awards. There is no evidence
on the pervasiveness or the stock market
impact of this form of earnings management.
Source: Masser Spears, “The Impact of Earnings Mgt. on the
Credibility of Corporate Financial Reporting,” Petroleum
Acctg. and Financial Mgt., Summer 2007, pp. 47-48.
204
Regulatory Incentives to
Manage Earnings
1.
There is strong evidence that suggests that
firms manage earnings (a) to avoid
regulatory constraints, (b) to take advantage
of governmental benefits, and (c) to avoid
regulatory exposure.
2.
There is no direct evidence about how and
whether regulators impound those forms of
earnings management behavior.
Source: Masser Spears, “The Impact of Earnings Mgt. on the
Credibility of Corporate Financial Reporting,” Petroleum
Acctg. and Financial Mgt., Summer 2007, pp. 47-48.
205
Management or Manipulation?






More than one-half of CFOs say they can
legally influence reported earning by 3% or
more.
Operational levers: delaying operational
spending, accelerating order processing,
and driving sales force more.
Accounting steps: changing the timing of an
accounting change and adjusting
estimates.
One-third of CFOs would try to influence
results: 24% upward or 8% would try to cut
them.
Few CFOs think their auditors would catch
them.
If the auditors caught it, they probably
would not bring it up to management.
Don Durfee, “Management or Manipulation?” CFO, December, 2006, p.
28.
206
Financial Statement Fraud Schemes
Category
%
Concealed Liabilities
45.0%
Fictitious Revenues
43.3%
Improper Asset Valuations
40.0%
Improper Disclosures
37.5%
Timing Differences
28.3%
Source: 2006 Wells Report, ACFE.
207
Good Earnings Management
Careful timing of capital gains and
losses;
 Use of conferencing technology to
reduce travel costs; and
 Postponement of repair and
maintenance activities when faces
with unexpected cash flow declines.

L. G. Weld et. al, “Anatomy of a Financial Fraud,” The CPA
Journal, October 2004.
208
Abusive Earnings Management
Improper revenue recognition (e.g., bill and hold
sales).
 Improper expense recognition.
 Using reserves to inflate earnings in years with
falling revenues (cookie jar accounting).
 Shifting debt to SPE.
 Channel stuffing.
 Capitalizing marketing costs rather than expensing.
 Extending useful lives and inflating salvage values.
 Cookie jar reserves.
 Accelerating revenue from leasing equipment.
 SPEs not consolidated.

209
Early Warning Signs of
Earnings Management
Cash flows that are not correlated with
earnings;
Receivables that are not correlated with
revenues;
 Allowances for uncollectible accounts that
are not correlated with receivables;
 Reserves that are not correlated with
balance sheet items;
 Acquisitions with no apparent business
purpose; and
 Earnings that consistently and precisely
meet analysts’ expectations.

Magrath and Weld, “Abusive Earnings Management and
Early Warning Signs,” The CPA Journal, August 2002.
210
Some Red Flags of Earnings Management
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
CEO is also Chairperson of BOD (e.g.,
Parmalat).
Insiders have majority control of BOD.
Weak system of internal controls.
Performance emphasis on short-term goals.
Weak or non-existent Code of Ethics (e.g.,
Parmalat).
Questionable business strategies with
opaque disclosures (e.g., special purpose
entities).
CEO is uncomfortable with criticism (Enron’s
Jeff Skilling).
CEO or other senior management turnover
(Qwest’s CFO).
Insiders selling stock (Enron’s Ken Lay).
Independence problem from large non-audit
fees paid to external auditors (e.g.,
HealthSouth).
Company’s investment banker has
independence problems (e.g., Parmalat,
Enron).
211
Types of Financial Statement Fraud Schemes
Three professors have broken financial
statement fraud schemes into these ten
types:
1.
2.
3.
Fictitious and/or overstated revenues and
assets (e.g., non-ordered or cancelled goods).
Sunbeam created revenues by contingent
sales, a bill-and-hold strategy, and
accelerated sales. Digital Lightware, Inc.
recognized fraudulent billings. Cendant
Corporation created fictitious revenues, and
Knowledge Ware inflated revenues with
phony software sales. Xerox, Bristol-Mayers,
Merck.
Premature Revenue Recognition (e.g., holding
books open). 35-day month.
Misclassified Revenues and Assets (e.g.,
combining restricted cash accounts with
unrestricted cash accounts). School districts
and universities may engage in this strategy
with dedicated funds.
Source: S.E. Bonner, Z. Palmrose, and S.M. Young, “Fraud Types and Auditor
Litigation,” The Accounting Review, October 1998, pp. 503-532.
212
Types of Financial Statement Fraud Schemes
(contd …)
4.
5.
6.
7.
8.
9.
10.
Fictitious Assets and/or Reductions of
Expenses/Liabilities (e.g., recording
consigned inventory as inventory).
WorldCom.
Overvalued Assets or Undervalued
Expenses/Liabilities (e.g., insufficient
allowance for bad debts). Enron.
Omitted or Undervalued Liabilities (e.g.,
understated pension expenses). Hiding
losses (Allied National Bank).
Omitted or Improper Disclosures (e.g., stock
option expense estimates).
Equity fraud (e.g., recording nonrecurring
and unusual income or expense in equity).
Related-Party Transactions (e.g., fictitious
sales to related parties). Enron had many
related-party transactions. REFCO, Adelphia.
Financial Fraud Going the Wrong Way (e.g.,
for tax purposes reducing income or
increasing expenses).
213
Wrong Way Earnings Management




Freddie Mac understated past
earnings as much as $5 billion.
Certain transactions and accounting
policies were “implemented with a
view to their effect on earnings”
(e.g., to smooth earnings).
Restatements will result in higher
earnings in prior periods but lower
earnings in future periods.
Employees appeared to knowingly
violate accounting rules in an effort
to manipulate earnings.
Source: Patrick Barta and J.D. McKinnon, “Freddie Mac Profits May Have Been
Low By Up to $4.5 Billion,” Wall Street J., June 26, 2003, pp. C-1 and C11. Bethany McLean, “The Fall of Fannie Mae,” Fortune, January 24,
2005, pp. 123-140.
214
Fannie Mae’s Problem
• Fannie Mae was ordered by the SEC [2004]
to a restatement of earnings of $ 9 billion
(reducing earnings since 2001). Misuse of
hedge-accounting transactions and improper
accounting for loans.
• CFO J. Timothy Howard resigned with an
annual pension of $400,000 and lifetime
access to Fannie Mae’s Medical benefits. Plus
$ 4 million of stock options.
•CEO Franklin Raines was paid more than
$60 million over a 6 year period. On Dec. 21,
2004, Raines took early retirement. $ 1
million annually for life.
•The Board replaced KPMG as Fannie’s
auditor.
Source: Bethany McLean, “The Fall of Fannie Mae,” Fortune, January
24, 2005, pp. 123-140. Mike McNamee, “Franklin Raines Lost
Gamble,” Business Online, December 22, 2004.
215
Cooking the Books-Symbol Technologies

From 1998 through February 2003, Symbol used a socalled “Tango sheet” process through which fraudulent
“topside” accounting entries were made to reserves
and other items to conform the unadjusted quarterly
results to management’s projections;

Fabrication and misuse of restructuring merger and
other non-recurring charges to artificially reduce
operating expenses, create “cookie jar” reserves
(overstating inventory write-offs) and further manage
earnings;

Channel stuffing and other revenue recognition
schemes, involving both product sales and customer
services; stuffed the channel by granting resellers
return rights and contingent payment terms in side
agreements.

Manipulation of inventory levels and accounts
receivable data to conceal the adverse side effects of
the revenue recognition schemes.
216
Cooking the Books-Symbol Technologies

Warehouse arrangement with a large foreign distributor
that served as a vehicle for improperly recognizing
several millions of dollars.

Directed employees to refrain from scanning new
components or returned goods into the automated
accounting system.

Backdated (cherry picked) stock option exercise dates.

When “days sales outstanding’ because too large
because of fraudulent revenue recognition, reclassified
past due trade accounts receivable into notes
receivables. A growing DSO figure is often a sign that
receivables are impaired due to channel stuffing, etc.

Deferred $3.5 million of FICA insurance costs to a later
year.

Recognized revenue that was processed in one quarter,
but shipped the next quarter.
217
Seven Investigative Techniques
1.
2.
3.
4.
5.
6.
7.
Public document review and
background investigation (nonfinancial documents).
Interviews of knowledgeable
persons.
Confidential sources.
Laboratory analysis of physical
and electronic evidence.
Physical and electronic
surveillance.
Undercover operations.
Analysis of financial transactions.
Source: R.A. Nossen, The Detection, Investigation and Prosecution of
Financial Crimes, Thoth Books, 1993
.
218
Financial Fraud Detection
Tools



Interviewing the executives
Analytics
Percentage analysis




Horizontal analysis
Vertical analysis
Ratio analysis
Using checklists to help detect fraud




SAS checklist
Attitudes/Rationalizations checklist
Audit test activities checklist
Miscellaneous fraud indicator checklist
“Objectively obtaining and evaluating evidence is the
essence of auditing.”
(AAA, Committee on Basic Auditing Concepts, 1973, 2)
219
Investigative Techniques
Public Document Review
 Real
and personal property records.
 Corporate and partnership records.
 Civil and criminal records.
 Stock trading activities.
 Check vendors.
Laboratory Analysis
 Analyzing
fingerprints.
 Forged signatures.
 Fictitious or altered documents.
 Mirror imaging or copying hard
drives/company servers.
 Use clear cellophane bags for paper
documents.
220
Analytical Procedures
Analytical procedures involve the study or
comparison of the relationship between
two or more measures for the purpose of
establishing the reasonableness of each
one compared. Five types of analytical
procedures help find unusual trends or
relationships, errors, or fraud:
 Horizontal or Percentage Analysis
 Vertical Analysis
 Variance Analysis
 Ratio Analysis or Benchmarking
 Comparison with other operating
information
Source: D.L. Crumbley, J.J. O’Shaughnessy, and D.E.
Ziegenfuss, 2002 U.S. Master Auditing Guide,
Chicago: Commerce Clearing House, 2002, p.
592.
221
Sales v. Net Income
Forensic accountants should compare the
trend in sales with the trend in net income.
For example, from 1999 to 2001,
HealthSouth’s net income increased nearly
500%, but revenues grew only 5%. On
March 19, 2003, the SEC said that
HealthSouth faked at least $1.4 billion in
profits since 1999 under the auditing eyes
of Ernst & Young.
The SEC said that HealthSouth started
cooking its numbers in 1986, which Ernst &
Young failed to find over 17 years.
HealthSouth also inflated its cash balances.
222
Beware Inter-company Entries
HealthSouth used PeopleSoft, with at
least 2,000 different ledgers.

Suspense Account
Revenue
Accounts Receivable xx
Inventory
Property
Suspense Account
xx
xx
xx
xx
xxx
Most of the entries were inter-company
entries.
During 2005, 2004, and 2003,
professional fees associated with the
reconstruction of HealthSouth’s financial
records and restatement of 2001 and
2002 consolidated financial statements
approximated $206.2 million and $70.6
million, respectively.
223
Financial Statement Fraud Audit
1.
2.
3.
4.
5.
6.
7.
8.
Obtain current year’s financial
statements.
Obtain prior 3 years’ financial
statements.
Perform vertical/ horizontal analysis of
the 4 years, plus all current quarters.
Pay attention to footnotes.
Analysis of %s and footnotes by senior
auditors.
Nonsense %s and footnotes inquire
explanations from financial
management.
Interview lower level financial
employees who approved questionable
journal vouchers.
Combine explanations with visits to
accounting records/ source
documents.
224
Horizontal Analysis
Suppose advertising in the base year
was $100,000 and advertising in the
next three years was $120,000,
$140,000, and $180,000. A
horizontal comparison expressed as
a percentage of the base year
amount of $100,000 would appear
as follows:
Dollar
Amount
Horizontal
Comparison
Year 4
Year 3
Year 2
Year 1
$180,000
$140,000
$120,000
$100,000
180%
140%
120%
100%
225
Red Flags with Horizontal Analysis




When deferred revenues (on the balance sheet)
rise sharply, a company may be having trouble
delivering its products as promised.
If either accounts receivable or inventory is rising
faster than revenue, the company may not be
selling its goods as fast as needed or may be
having trouble collecting money from customers.
For example, in 1997 Sunbeam’s revenue grew
less than 1% but accounts receivable jumped 23
percent and inventory grew by 40 percent. Six
months later in 1998 the company shocked
investors by reporting a $43 million loss.
If cash from operations is increasing or decreasing
at a different rate than net income, the company
may be being manipulated.
Falling reserves for bad debts in relation to
account receivables falsely boosts income (cookie
jar accounting).
226
More Red Flags








Look for aggressive revenue recognition
policies (Qwest Communication, $1.1 billion
in 1999-2001). Beware of hockey stick
pattern.
Beware of the ever-present nonrecurring
charges (e.g., Kodak for at least 12 years).
Check for regular changes to reserves,
depreciation, amortization, or comprehensive
income policy.
Related-party transactions (e.g., Enron).
Complex financial products (e.g.,
derivatives).
Unsupported top-side entries (e.g.,
WorldCom).
Under-funded defined pension plans.
Unreasonable management compensation
Source: Scott Green, “Fighting Financial Reporting Fraud,”
Internal Auditor, December 2003, pp. 58-63.
227
Five Statistically Significant Ratios


Use the ratios for two successive fiscal
years.
Convert into indexes for benchmarking.
Day’s Sales in Receivable Index:
(Accounts Receivable t / Sales t )
(Accounts Receivable t-1 / Sales t-1)
Index for manipulators: 1.5 to 1
-------------------------------------------------------Gross Margin Index:
[(Sales t-1 - Cost of Sales t-1 ) / Sales t-1]
[(Sales t - Cost of Sales t ) / Sales t]
Index for manipulators = 1.2 to 1
-------------------------------------------------------Source: M.D. Beneish, “The Detection of Earnings
Manipulation,” Financial Analysts Journal,
September/October, 1999. t-1 = prior year.
228
Five Statistically Significant Ratios
Asset Quality Index =
1- (Current Assets t + Net Fixed Assets t )
Total Assets t
1 - (Current Assets t-1 + Net Fixed Assets t-1)
Total Assets t-1
Index for manipulators = 1.25 to 1
----------------------------------------------------------------Sales Growth Index : Sales t / Sales t-1
Manipulators: 60%
Non manipulators 10%
Source: M.D. Beneish, “The Detection of Earnings
Manipulation,” Financial Analysts Journal,
September/October, 1999. t-1 = prior year.
229
Five Statistically Significant Ratios
Total Accruals to Total Assets =
Δ Working Capital t - Δ Cash t - Δ Current Taxes
Payable t - Δ Current Portion of LTD t - Δ
Accumulated depreciation and amortization t
Total Assets t
TATA for manipulators: .031
TATA for non manipulators: .018
Source: M.D. Beneish, “The Detection of Earnings
Manipulation,” Financial Analysts Journal,
September/October, 1999. LTD = Long-term debt.
230
A Charles Lundelius Example
Comparison to peer group benchmarks:
Characteristic
peers
DSRI
GMI
AQI
SGI
TATA
MPS
Peer group
1.56
2.00
1.23
1.50
0.10
1.03
1.10
1.04
1.20
0.05
% over
51%
82%
18%
25%
100%
Source: C.R. Lundelius, Financial Reporting Fraud, AICPA, 2003, p.
129.
231
Z-Score Methodology
1.
2.
Altman’s Z-Score (Manufacturers)
AZ-Score = 1.2X1 + 1.4X2 + 3.3X3 + 0.6X4 +
0.999X5
Where:
X1 = Working Capital/Total Assets
X2 = Retained Earnings/Total Assets
X3 = EBIT/Total Assets
X4 = Market Value of Equity/Total Liabilities
X5 = Sales/Total Assets
Above 2.99, indicates sound financial health.
Grey zone, no conclusion can be drawn.
Below 1.81, indicates financial distress.
Altman’s Double Prime Z-Score
(nonmanufacturers)
Change X4 to Total Shareholders’ Equity
Drop X5
ADPZ-Score = 6.56X1 + 3.26X2 + 6.72X3 +
1.05X4
Above 2.6, strong.
Grey zone, no conclusion can be drawn.
Below 1.1, weak.
232
Z-Score Methodology (cont.)
3.
4.
Private Company Model
Use book value rather than
market value of equity.
PMZ-Score = 0.717X1 + 0.847X2
+ 3.107X3 + 0.420X4 + 0.998X5
Above 2.90, safety zone.
Grey zone, no conclusion.
Lower than 1.23, distress zone.
Hillegeist DPM
Gives probability of default.
HZ-Score = 3.835 + 1.13X1 +
0.005X2 + 0.269X3 + 0.399X4 –
0.033X5
Where 3.835 is constant.
Higher the score, the better.
233
Exercises
1.
In order to determine how risky a particular company is
that you are auditing, you prepare these five ratios
along with the same ratios of this company’s peers:
Company
Peers
Day’s Sales in Receivable Index
1.51
1.05
Gross Margin Index
1.98
1.11
Asset Quality Index
1.21
1.01
Sales Growth Index
1.53
1.19
Total Accruals to Total Assets
0.11
0.06
What are your thoughts about the risk potential of
this company?
2. You are provided the following information about a
company for two years (in millions):
Sales
Cost of Sales
2005
2006
$23,000
32,000
11,960
17,600
4,830
10,560
Accounts Receivable
Calculate:
a. Days Sales in receivable index.
b. Gross margin index.
c. Sales growth index.
Any thoughts about this company?
234
Ratio Analysis
1. Current ratio =
Current assets (cash and equivalents, receivables and inventories)
Current liabilities (payables, accruals, taxes, and debt due in 1 year)
2. Quick ratio =
Cash and equivalents plus receivables
Current liabilities
3. Working capital = Current assets – Current liabilities
Cost of goods sold
4. Inventory turnover = Average inventory
The number of days inventory is on hand can be calculated as
365
Inventory turnover
Net credit sales
5. Receivables turnover = Average receivables
6. Gross Margin = 1 –
Cost of goods sold
Sales
235
Excel Spreadsheet
Sherron Watkins discovered the Enron fraud in
2001 when she was again working under Andy
Fastow, CFO. She took a simple inventory, using an
Excel spreadsheet to calculate which of the
division’s assets were profitable and which were
unprofitable.
She discovered the special purpose
entities called Raptors, off-the-books partnerships.
Enron had hidden hundreds of millions of losses by
borrowing money from Raptors and promising to
pay the loans back with Enron stock. Enron was
hedging risks in its left pocket with money from its
right pocket.
As the value of Enron stock fell and the
losses in the Raptors mounted, Enron had to add
more and more stock because Enron had risked
97% of the losses, and Arthur Andersen had agreed
to the accounting.
Source: Mimi Swartz and Sherron Watkins, Power Failure,
New York: Doubleday, 2003, p. 269.
236
Investigative Technique: Videotapes

Average big city resident caught on videotape
about 75 times a day. Common in workplaces and
stores (USA).

Former Coca-Cola secretary convicted of
conspiring to steal and willing to sell confidential
Coca-Cola documents and samples of products
that the company was developing to Pepsi.

Coca-Cola security expert testified that
surveillance cameras were monitoring Joya
Williams’ movements. The surveillance was a key
part of the government’s evidence.

She stole the materials and was attempting to sell
for at least $1.5 million.

Deeply in debt, unhappy at job, and seeking a big
payday.
Could face 10-years in prison.
Myway, “Video Shows Coke Worker Taking Documents,” January
26, 2007.
237
Fraud Awareness Auditing:
Unrefined Oil
238
Problems
Solution:
Inventory Turnover =
C of GS
Average Inventory
= $2.9 million = 2.64%
1.1 million
Operating Margin = Operating Income
Sales
= $900,000 = .1125
$8 million
239
Thinking as a Forensic Auditor
The Iceberg Theory of Fraud
Overt Aspects
Hierarchy
Financial Resources
Goals of the Organization
Skills and Abilities of Personnel
Technological State
Performance Measurement
Structural
Considerations
Covert Aspects
Water
line
Attitudes
Feelings (Fear, Anger, etc.)
Values
Norms
Behavioral
Interaction
Considerations
Supportiveness
Satisfaction
Source: G.J. Bologna and R.J.
Lindquist, Fraud Auditing and
Forensic Accounting, 2nd Edition,
New York: John Wiley, 1995, pp. 3637
240
Behavioral Concepts Important
“Not all fraud schemes can
effectively be detected using data-driven
approaches.
Instances of corruption-bribery,
kickbacks, and the like – and collusion
consistently involve circumvention of
controls.
Searching relevant transaction data
for patterns and unexplained relationships
often fails to yield results because the
information may not be recorded, per se, by
the system.
Behavioral concepts and qualitative
factors frequently allow the auditor to look
beyond the data, both with respect to data
that is there and the data that isn’t.”
Source: S. Ramamoorti and S. Curtis, “Procurement Fraud & Data
Analytics, “Journal of Government Financial Management, Winter 2003,
Vol. 52, No. 4, pp. 16-24.
241
Life Styles Important
For someone who earned a salary of just
$1,000 a month, Rana Koleilat managed to live
a pretty nice life. She traveled by private jet,
took along her servant and hairdresser, and
stayed at luxurious locality in London and Paris.
Back home in Beirut, Lebanon, she lived in a
three-story penthouse. To anyone who asked
how she lived so well, she replied that she had a
“rich uncle.”
Actually, Koleilat helped manage a
private bank in Beirut, and thereby hangs a tale.
The chairman of the bank said he lost $1.2
billion, and depositors lost another several
hundred million dollars
E.T. Pound, “Following the Old Money Trail,” U.S. News & World Report, April
4, 2005, p. 30.
242
Be An Investigator
“Because I was an investigator,” he said.
“O.K.,” she said. “Investigators investigate.
That, I can follow. But don’t they stop
investigating? I mean, ever? When they know
already?”
“Investigator never know,” he said. “They
feel, and they guess.”
“I thought they dealt in facts.”
“Not really,” he said. “I mean, eventually they
do, I suppose. But ninety-nine percent of the
time it’s ninety-nine percent about what you
feel. About people. A good investigator is a
person with a feel for people.”
Lee Child, Echo Burning, N.Y.: Jove Books, 2001, p. 281.
243
Fraud Identifiers to Spot Fraudsters







Large ego
Substance abuse problems or
gambling addiction
Living beyond apparent
means
Self-absorption
Hardworking/taking few
vacations
Under financial pressure (e.g.,
heavy borrowings)
Sudden mood changes.
Source: G.E. Moulton, “Profile of a Fraudster,”
Deloitte Touche Tohatsu, www.deloitte.com, 1994.
244
Red Flags or Fraud Identifiers







Earnings problem: downward trend in
earnings
Reduced cash flow: If net income is moving
up while cash flow from operations is drifting
downward, something may be wrong.
Excessive debt: the amount of stockholders'
or owners' equity should significantly exceed
the amount of debt.
Overstated inventories (California Micro) and
receivables (BDO Seidman): If accounts
receivables exceeds 15 percent of annual
sales and inventory exceeds 25 percent of
cost of goods sold, be careful.
Inventory plugging: Record sales to other
chains as if they were retail sales rather than
wholesale chains (e.g., Crazy Eddie).
Balancing Act: Inventory, sales, and
receivables usually move in tandem because
customers do not pay up front if they can
avoid it.
CPA Switching: Firms in the midst of financial
distress switch auditors more frequently than
healthy companies.
245
Red Flags or Fraud Identifiers (contd…)





Hyped Sales: hyped sales by using his ample
personal fortune to fund purchases.
Reducing Expenses: Rent-Way reduced the
company’s expenses—a reduction of $127
million.
Ebitda: Earnings before interest, taxes,
depreciation, and amortization is a popular
valuation method for capital-intensive
industries.
Off-Balance Sheet Items: Enron had more
than 2,500 offshore accounts and around
850 special purpose entities.
Unconsolidated Entities: Enron did not tell
Arthur Andersen that certain limited
partnerships did not have enough outside
equity and more than $700 million in debt
should have been included on Enron’s
statements.
246
Red Flags or Fraud Identifiers
(contd…)





Creative or Strange Accounts: For their
1997 fiscal year, America Online, Inc.
showed $385 million in assets on its
balance sheet called deferred
subscriber acquisition costs.
Pension Plans
Reserve Estimates
Personal Piggy Bank: Family member
owners may use a corporation as a
personal piggy bank at the expense of
public investors and creditors.
Barter deals: A number of Internet
companies used barter transactions
(or non-cash transactions) to increase
their revenues.
247
Management’s Role
The Sarbanes-Oxley Act of 2002
mandates that CEOs and CFOs certify in
periodic reports containing financial
statements filed with the SEC the
appropriateness of financial statements
and disclosures.
--------------------------------------------------------
In March 2005, the SEC said that
executives are gatekeepers. Thus, an
executive can be in trouble if in a
position to detect wrongdoing below
them and do not move forcefully to
prevent the fraud. It does not matter if
the executive has been lied to. An
executive has the responsibility to cut
through the lies and try to root out the
truth.
Carol. J. Loomis, “The SEC Turns the Screws on
Gatekeepers,” Fortune, April 18, 2005, p. 38.
248
Pressures On All Sides
CEOs are now being squeezed as a
result of SOX by BODs, auditors, and
lawyers because these watchdogs are
finally facing genuine liability for their
failures. These watchdogs are trying to
protect their hides.
Arthur Andersen is out of business, and
directors at WorldCom and Enron are
paying off fraud claims out of their own
pockets. Hank Greenberg, former
Chairman and CEO of AIG said that the
balance of power in corporate America
has shifted.
Diane Brady and Joseph Weber, “The Boss on the Sidelines,”
Business Week, April 25, 2005, p. 88.
249
Significant Variables of
Fraudulent Companies
Percentage of total Board of Directors
holdings held by insiders.
 Insiders having greater than 50%
control of the BOD.
 CEO also being chairman of the BOD.
 CEO being the company’s founder.
 Lack of an audit committee.

SEC Accounting and Auditing Enforcement Releases (1982-1992).
250
CEO Duality
Eight of the ten recent scandals had board
chairs who were also CEO:
1.Enron
5. HealthSouth
2.Adelphia
6. Quest
3.Tyco
7. Homestore
4.Waste Management
8. Sunbeam
WorldCom and Global Crossing had different
Chairman and CEO.
-------------------------------------------------------Aging Board of Directors. “Easier for
Management to get away with misdeeds.”
Enron’s Audit Committee chairman was 72.
“They can be hard of hearing.” Nearly 10% of
directors in the S & P’s 500 stock index are
70 or over.
Source: Louis Lavelle, “Directors: Know When to Fold Them, “Business Week, May 24, 2004, p.14.
251
Audit Tests
The Panel on Audit Effectiveness
recommended that surprise or unpredictable
elements should be incorporated into audit
tests, including:
 Recounts of inventory and
unannounced visits to locations
 Interviews of financial and nonfinancial client personnel in different
locations
 Requests for written confirmations
from client employees regarding
matters about which they have made
representations to the auditors
 Tests of accounts not normally
performed annually
 Tests of accounts traditionally or
frequently deemed “low risk”
252
Audit Committee Red Flags
• Independence of audit committee from
management. Audit committee should
report to BODs.
• The clarity with which the audit
committee’s responsibilities are articulated,
such as in the charter, and how well the
audit committee and management
understand those responsibilities;
• The audit committee’s interactions and
involvement with the independent and
internal auditor; and
• Whether the audit committee raises and
pursues with management and the
independent auditor the appropriate
questions, including questions that indicate
an understanding of the critical accounting
policies and judgmental accounting
estimates.
253
Computer Forensics
“Today’s Sergeant Joe Friday does not write in a small
notebook in the course of solving crimes; he now
reconstructs the data from imaging hard drives.”
Joe Anastasi, The New Forensics, John Wiley & Sons, 2003.
“Corporate criminals don’t always tell the truth.
Their computers usually do.”
Thomas Talleur, KPMG
• “The need for computer forensics has dramatically
increased. This represents the use of computer
science principles and investigative techniques to
obtain digital evidence from computer systems that
is admissible in a court of law,” says Bruce
Dubinsky.
• Statistics indicate that 92 percent of new data is
created electronically and that 70 percent of this data
never migrates to paper. When investigators ignore
electronics evidence, it’s analogous to only
reviewing three out of 10 boxes containing
potentially relevant and discoverable information.
S. Kahan, “Sherlock Holmes Enters Accounting,” WebCPA, February,
2007.
254
Data Mining Found WorldCom Mess
Auditors should perform all of the
analytics themselves, and they must be
educated in fraud detection and
introduced to data mining techniques.
When the concept of data mining is
brought up, audit managers cringe and
argue that they cannot afford to employ
statisticians.
However, while there is data mining
software that requires a statistician’s
level of expertise (such as IBM’s
Intelligent Miner), there also are
products, such as WizSoft Inc., that can
be employed by most auditors who are
acquainted with the fundamentals of
Microsoft Office and who are curious as
to why they obtained their audit results.
Source: Bob Denker, “Data Mining and the Auditor’s Responsibility,”
Information Systems Audit and Control Association InfoBytes.
255
Technology Knowledge Important

Ruby Sharma, at E&Y, says that computer forensic services,
as well as electronic discovery and forensic data analysis, are
provided by its legal technology services practice, which
currently consists of 52 professionals, around one-fourth of
whom are primarily devoted to computer forensics and closely
related disciplines.
These computer forensics professionals provide a range of
services to clients beyond the traditional identification,
preservation and extraction of electronic evidence from
digital media, she says. They also provide forensic
investigations and analysis of digital media to determine the
circumstances surrounding the creation, deletion or
modification of specific documents; determine the
provenance of documents; locate and recover evidence that
has been either intentionally or unintentionally deleted; and
determine timelines and event sequences of computer
activity that may be of value to the investigation.

Frank Piantidosi, at Deloitte, says that technology is the heart
of most financial investigations, and electronic data drives
the investigation. He says that this group provides
repositories of all the data to the legal teams electronically,
rather than through the antiquated system of boxes and
boxes of hard copy files.

We have developed technology solution that can quickly find
and accumulate data from various sources anywhere in the
world, then read the data files using software from India,
then store the data using Australian technology for 5 to 10
years.
S. Kahan, “Sherlock Holmes Enters Accounting,” WebCPA, February 11, 2007.
256
Careful of E-mail and Text Messages

Do not put anything in an e-mail or text
message that you do not wish to see in the
newspaper or on the Internet.

14,000 flirty and sometimes sexually explicit
text messages between married Detroit Mayor
Kwame Kilpatrick and his top aide Christine
Beatty reprinted in Detroit Free Press. Found
on the city-issued pager of Beatty.

Both denied under oath having a physical
relationship.
257
Using Technology to Gather
Evidence






Drill-down functionality
Electronic imaging
Benford’s law
Digital Analysis Tests and Statistics
(DATAS)
Data warehousing/mining
Inductive vs. deductive method
258
Technology is Here
“Extensive knowledge and use of technology is
an absolute necessity. The ability to go into an
electronic image and download information,
and to get information from systems that don’t
talk to each other. All the accumulated
information can then be reviewed for financial
improprieties.”
Bert Lacativo, Southlake, Texas
------------------------------------------------------“We use off-the-shelf software (IDEA) to import
large databases, read different data files, set
up queries, and compare database files such
as addresses, telephone numbers, and Social
Security numbers. This process will tell us, for
example, if a purchase order was done on
Saturday or Sunday when the company isn’t
open.”
Cal Klausner, Bethesda, Md.
H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
Accountant, February 2004, pp. 23-28
259
Data Analysis vs. Data Mining Software




ACL, IDEA, and SAS are data
analysis (DA) software used to
ensure the integrity of data, to
program continuous monitoring, and
to detect fraudulent transactions.
DA requires a program to be set up
and run against the data. The
program is written by auditors (i. e.,
humans) who may be prejudice in
the routines that are executed.
Data Mining finds patterns and
subtle relationships in data.
Wiz Rule (from WizSoft, Inc.) and
IBM’s Intelligent Miner are data
mining software.
Source: Irina Sered, “Software,” kdnuggets.com/news/2001/n24/13i.html.
260
Wiz Rule Data Auditing Tool







Based upon data mining.
Performs complex analysis of data,
finding errors, inconsistencies, and
situations that require further
investigation.
WizRule reveals all the if-then rules,
mathematical formula rules, and
spelling irregularities.
Divides situations deviating from the
rules into data entry errors and
suspicious errors.
Can be used in auditing, fraud
detection, data scrubbing, and due
diligence reviews.
Learning curve is short.
Cost license is $1,395 and yearly
maintenance fee is $279.
Source: Irina Sered, “Software,”
kdnuggets.com/news/2001/n24/13i.html.
261
Who Uses IDEA?
External and Internal
Auditors
 Forensic Accountants/
Fraud Investigators
 Financial managers
 General and systems
consultants
 Educators
 Statisticians
 Information systems
professionals

262
IDEA Benefits
• Sort
• Compare
• Manipulate
• Sample
• Extract data
• Mathematical testing
• Exception
reports
• Aging
• Statistics
• Find missing
data
• Analytics
• Convert test
files to data
base
• Create
summary
reports
263
Using Data Mining






Match employee addresses
against vendor addresses.
Sort vendor list by size to
determine the most highly paid
suppliers.
Review the structure of vendor
names.
Uncover indications of ghost
employees (e.g., N.O. Police
dept.).
Fraudulent expense reports (even
amounts, $6).
Repeated withdrawals of even
amounts from petty cash.
264
Computer Forensics
“I need you to step away from your
computer please,” Lee Altschuler said.
Morgan Fay’s chief financial officer glanced up
from her computer screen. She regarded the
man standing at her office doorway for a
moment. “Excuse me?” Cindy Shalott asked.
“We’d like you to please conclude your
business for the day.” Lee Altschuler said. “I’d
appreciate it if you could complete whatever
you’re doing as quickly as you can. Please leave
your computer in the way that it is now. Don’t
turn it off.”
The chief financial officer swung her desk
chair around.
“Just move away from your computer
please,” Altschuler repeated.
“Who are you?” Cindy Shalott asked.
Source: Joe Anastasi, The New Forensics, John Wiley & Sons, 2003, p. 91
265
Ink Analysis





Martha Stewart was undone by a blue
ballpoint pen.
Stockbroker belatedly inserted a note to
help cover up Ms. Stewart’s improper
stock trading. Blue ballpoint ink used is
different from ink elsewhere on the
trading worksheet.
Prosecutors used forensic ink analysis in
Rite Aid case to show that certain
documents were backdated (ink used to
sign letter was not commercially available
until 3 months after the letter was dated).
Xerox laser printers now encode the serial
number of each machine in tiny yellow
dots in every printout, nestled within the
printed words and margins. It tracks
back to you like a license plate.
Advice for fraudsters: use pencils.
Source: Mark Maremont, “In Corporate Crimes, Paper Trail
Often Leads to Ink Analysts’ Door,” Wall Street J., July 1,
2003, p. A-1.
266
Deductive vs. Inductive


Deductive: one goes from general to
specific; fairly simple and economical.
Inductive: one starts with specific
experiences and then draws inferences.
Deductive Approach
Inductive Approach
Generic data mining
Custom data mining
Digital analysis
Analysis of all data
Discovery sampling
Generic software
Custom software
For smaller organizations
For larger organizations
Basic features
Sophisticated features
Easy to learn
Requires advanced skills
Relatively inexpensive
More expensive
Source: W.S. Albrecht and C.C. Albrecht, “Root Out
Financial Deception,” Journal of Accountancy (April 2002),
p. 33.
267
Benford’s Law


Distribution of initial digits in natural numbers is not random
Predictable patterns:
0= ----1= 30.1%
2= 17.6%
3= 12.5%
4= 9.7%
5= 7.9%
6= 6.7%
7= 5.8%
8= 5.1%
9= 4.6%
12%
11.4%
10.9%
10.4%
10%
9.7%
9.3%
9%
8.8%
8.5%
10.2%
10.1%
10.1%
10.1%
10%
10%
9.9%
9.9%
9.9%
9.8%
There is software to detect potentially invented numbers in many situations.
Compare actual frequency with Benford’s frequency.
268
Benford’s Law Uses










Investments sales/purchases
Check register.
Sales history/Price history.
401 contributions.
Inventory unit costs.
Expenses accounts.
Wire transfer information.
Life insurance policy values.
Bad debt expenses.
Asset/liability accounts.
Source: Richard Lanza, “Digital Analysis- Real World Example,”
IT Audit, July 1, 1999,pp. 1-9.
269
Some Uses of Picalo





Analyzing financial data, employee
records, and purchasing systems for
errors and fraud
Importing Excel, XML, EBCDIC, CSV, and
TSV files into databases
Interactively analyzing network events,
web server logs, and system login
records
Importing email into relational or textbased databases
Embedding controls and fraud testing
routines into production systems
270
Picalo Architecture

Detectlets allow non-programmers to run
analysis routines created by others
.
271
When Benford Analysis Is or Is Not Likely
Useful
When Benford Analysis is Likely Useful
Examples
Sets of numbers that result from
mathematical combination of numbersResult comes from two distributions.
Accounts receivable (number
sold times price). Accounts
payable (number bought
times price).
Transaction-level data – No need to sample.
Disbursements, sales,
expenses.
On large data sets – The more observations,
the better.
Full year’s transactions.
Accounts that appear to conform – When
the mean of a set of numbers is greater than
the median and the skewness is positive.
Most sets of accounting
numbers.
When Benford Analysis Is Not Likely
Useful
Examples
Data set is comprised of assigned numbers
Check numbers, invoice
numbers, zip codes.
Numbers that are influenced by human
thought.
Prices set at psychological
thresholds ($1.99), ATM
withdrawals.
Accounts with a large number of firmspecific numbers.
An account specifically set up
to record $100 refunds.
Accounts with a built in minimum or
maximum.
Set of assets that must meet a
threshold to be recorded.
Where no transaction is recorded.
Thefts, kickbacks, contract
rigging.
Source: Durtschi, Hillison, and Pacini, “The Effective Use of Benford’s Law to Assist in
Detecting Fraud in Accounting Data,” J. of Forensic Accounting, Vol. V, 2004, p. 24.
272
Market Segment Specialization
Program
The Market Segment Specialization
Program focuses on developing highly
trained examiners for a particular market
segment. An integral part of the approach
used is the development and publication
of Audit Technique Guides.
These Guides contain examination
techniques, common and unique industry
issues, business practices, industry
terminology, and other information to
assist examiners in performing
examinations. A forensic accountant can
use this resource to learn about a
particular industry.
http://www.irs.gov/business/small/article
/0,id=108149,00.html
273
Acquisition/Payment Cycle
From 62 standard audit procedures, external and
internal auditors judged these 20 procedures to be
more efficient is detecting fraud in the acquisition and
payment cycle (in descending order).
• Examine bank reconciliation and observe whether
they are prepared monthly by an employee who is
independent of recording cash disbursement or
custody of cash.
• Examine the supporting documentation such as
vendor’s invoices, purchase orders, and receiving
reports before signing of checks by an authorized
persons.
• Examine the purchase requisitions, purchase orders,
receiving reports, and vendors’ invoices which are
attached to the vouchers for existence, propriety,
reasonableness and authenticity.
•Examine internal controls to verify the cash
disbursement are recorded for goods actually rendered
to the company.
•Discuss with personnel and observe the segregation
of duties between accounts payable and custody of
signed checks for adequacy.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205
274
Acquisition/Payment Cycle (Contd.)
• Confirm inventories in public warehouse and on
consignment.
•Examine internal controls to insure the vendor’s
invoices, purchase orders, and receiving reports are
matched and approved for payment.
• Examine internal controls for the following
documents: vendor’s invoices, receiving reports,
purchase orders, and receiving reports.
• Trace a sample of acquisitions transactions by
comparing the recorded transactions in the purchase
journal with the vendor’s invoices, purchase
requisitions, purchase orders, and receiving reports.
• Establish whether any unrecorded vendors’ invoices
or unrecorded checks exist.
• Examine the internal control to verify the proper
approvals of purchase requisitions and purchase
orders.
• Reconciled recorded cash disbursement with
disbursements on bank statements.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
275
of Forensic Accounting, Vol. 4, 2003, p. 204-205
Acquisition/Payment Cycle
(Contd.)
• Discover related party transactions.
• Examine the internal control to verify the approvals
of payments on supporting documents at the time that
checks are signed.
• Discuss with personnel and observe the procedures
of examining the supporting documentation before the
signing of checks by an authorized person.
• Examine canceled checks for authorized signatures,
proper endorsements, and cancellation by the bank.
• Account for the numerical sequence of prenumbered documents (purchase orders, checks,
receiving reports, and vouchers).
• Trace a sample of cash payment transactions.
• Trace resolution of major discrepancy reports.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205
276
Sales/Collection Cycle
These 10 standard audit procedures were judged as
being more effective for detecting fraud in the sales
and collection cycle (in descending order)
• Observe the proper and appropriate segregation of
duties.
• Review monthly bank reconciliation and observe
independent reconciliation of bank accounts.
• Investigate the difference between accounts
receivable confirmation and customer account
receivable balances in the subsidiary ledger and
describe all these exceptions, errors, irregularities, and
disputes.
• Review sales journal, general ledger, cash receipts
journal, accounts receivable subsidiary ledger, and
accounts receivable trial balance for large or unusual
amounts.
• Verify accounts receivable balance by mailing
positive confirmations.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud
Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic
Accounting, Vol. 4, 2003, p. 209
277
Sales/Collection Cycle (Contd.)
• Examine internal controls to verify that each
cash receipts and credit sales transactions are
properly recorded in the accounts receivable
subsidiary ledger.
• Examine subsequent cash receipts and the
credit file on all accounts over 120 days and
evaluate whether the receivable are collectible.
• Compare dates of deposits with dates in the
cash receipts journal and the prelisting cash
receipts.
• Examine copies of invoices for supporting the
bills of lading and customers’ orders.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting, Vol. 4, 2003, p. 209
278
Inventory/Warehouse Cycle
These 14 standard audit procedures were
judged by external and internal auditors as being more
effective for detecting fraud in the inventory and
warehousing cycle (in descending order):
• Discover related party transactions.
• Follow up exceptions to make sure they are resolved.
• Review major adjustments for propriety.
• Review inventory count procedures: a. Accounting for
items in transit (in and out); b. Comparison of counts with
inventory records; and c. Reconciliation of difference
between counts and inventory records.
• Review adequacy of physical security for the entire
inventory.
• Confirm inventories in public warehouse.
• Review procedures for receiving, inspecting, and storing
incoming items and for shipments out of the warehouses.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 206-207
279
Inventory/Warehouse Cycle (Contd.)
• Trace shipments to sales records, inventory records,
and bill of lading (shipping documents).
• Determine if access to inventory area is limited to
approval personnel.
• Observe the physical count of all location.
• Recount a sample of client’s counts to make sure the
recorded counts are accurate on the tags (also check
descriptions and unit of count, such as dozen or gross)
• Trace inventory listed in the schedule to inventory
tags and the auditor’s recorded counts for existence,
descriptions, and quantity.
• Trace shipments to sales journal.
• Perform compilation tests to insure that inventory
listing schedules agrees with the physical inventory
counts.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 206-207.
280
Payroll/Personnel Cycle
These 12 standard audit procedures were judged the
more effective for detecting fraud in the payroll and
personnel cycle (in descending order):
• Sample terminated employees and confirm that they are
not included on subsequent payrolls and confirm propriety
of termination payments.
• Observe the actual distribution of payroll checks to the
employees.
• Observe the duties of employees being performed to
insure that separation of duties between personnel,
timekeeping, journalizing payroll transactions, posting
payroll transactions, and payroll disbursement exists.
• Examine internal controls to verify that hiring, pay rates,
payroll deductions, and terminations are authorized by the
personnel department.
• Sample personnel files and physically observe the
presence of personnel in the work place.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 208.
281
Payroll/Personnel Cycle (Contd.)
• Examine internal control over payroll records
to verify that payroll transactions are properly
authorized.
• Discover related party transactions.
• Review the files of new hires for appropriate
approvals, pay rates, and dates of accession.
• Review the payroll journal, general ledger, and
employee individual pay records for large or
unusual amounts.
• Examine internal controls to verify that
unclaimed payroll checks are secured in a vault
or safe with restricted access.
• Examine internal controls to verify that
employee time cards and job order work tickets
are reconciled.
•Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 208.
282
Class Discussion
How can you defraud your
own organization, working either
from the inside or outside?
------------------------------------------“Fraudsters … identify and exploit
weaknesses specific to the
organization.”
Herling, D.J., and J. Turner, “Fraud: Effective Use of Legal Remedies for Corruption,”
9th International Anti-Corruption Conference, October 13, 1999. PowerPoint
presentation slide 56. http://
www.transparency.org/iacc/9th_iacc/papers/day3/ws1/dnld/d3ws1_djherling.ppt
283
Exercises
1.
2.
3.
4.
5.
You receive a tip on the company’s hot line that
there has been some fraud in the collections
area. What five audit steps would you suggest
using in order to find the fraud?
During a brainstorming session, a suggestion is
made that the most likelihood of fraud in a
particular division is in the area of acquisition
and payment cycle. Outline five audit steps to
help find any potential fraud.
While auditing a company you notice an
employee in payroll who is living beyond his
means (e.g., clothes, automobiles, housing). His
wife does not work. Suggest six audit steps to
help satisfy you there is no fraud in the payroll
and personnel cycle.
An anonymous e-mail is sent to an internal
auditor that there is fraud in the inventory/
warehousing cycle. Suggest some appropriate
audit steps.
What is meant by the hockey stick pattern?
284
Characteristics of Less Complex
IT Environments




Transaction processing. Data inputs can
be readily compared or reconciled to system
outputs. Management tends to rely primarily
on manual controls over transaction
processing.
Software. The company typically uses offthe-shelf packaged software without
modification. The packaged software
requires relatively little user configuration to
implement.
Systems configurations. Computer
systems tend to be centralized in a single
location, and there are a limited number of
interfaces into the system.
End-user computing. The company is
relatively more dependent on spreadsheets
and other user-developed applications,
which are used to process, accumulate,
summarize, and report the results of
business operations, and perform
straightforward calculations using relatively
simple formulas.
Source: PCAOB, October 17, 2007, pp. 26.
285
Evaluating Management’s
Oversight






Whether management recognizes situations for which
additional expertise is needed to adequately identify and
address risks of misstatement.
How management determines that the outside
professionals possess the necessary qualifications.
Whom management designates to oversee the services and
whether they possess the suitable skill, knowledge, or
experience to sufficiently oversee the outside professionals
(Note: Management is not required to possess the
expertise to perform or re-perform the services).
Whether management has established controls over the
work of the outside accounting professional (e.g., controls
over the exchange of information and controls to test their
work) and over the completeness and accuracy of the
information provided to the outside professional.
How management participates in matters involving
judgment, for example, whether management understands
and makes significant assumptions and judgments
underlying accounting calculations prepared by an outside
professional.
How management evaluates the adequacy and the results
of the services performed, including the form and content
of the outside accounting professional's findings, and
accepts responsibility for the results of the services.
Source: PCAOB, October 17, 2007, pp. 36.
286
Pervasive Control Deficiencies




Ineffective control environment (considering
the risk profile of the company). An
ineffective control environment can increase
the risk associated with a control. Also,
certain controls in the control environment,
such as maintaining financial reporting
competencies, might be necessary for the
effective functioning of other controls.
Ineffective IT controls or information
systems. For example, ineffective
information systems could impair the
effectiveness of certain IT-dependent
controls.
Pervasive lack of segregation of duties
without appropriate alternative controls.
When a person performs two or more
incompatible duties, the effectiveness of
some controls might be impaired without
appropriate alternative controls.
Frequent management override of controls.
A control that is frequently overridden is less
likely to operate effectively.
Source: PCAOB, October 17, 2007, pp. 46.
287
Market Segment Specialization
Program
The Market Segment Specialization
Program focuses on developing highly
trained examiners for a particular market
segment. An integral part of the approach
used is the development and publication
of Audit Technique Guides.
These Guides contain examination
techniques, common and unique industry
issues, business practices, industry
terminology, and other information to
assist examiners in performing
examinations. A forensic accountant can
use this resource to learn about a
particular industry.
http://www.irs.gov/business/small/article
/0,id=108149,00.html
288
Rest Of The Story:
Fraudsters Should Be Prosecuted
Although large frauds may be reported to
law enforcement agencies, smaller frauds
are often not reported.
This failure to report fraud incidents and the
reluctance of police to aggressively tackle
the issue only empowers the fraudsters and
diminishes the victims. Ultimately, these
unreported incidents are precursors to
larger and larger acts of violence. If we do
not deal with simple crimes, we will
eventually have to deal with homicide.
Source: Stephen Doherty, “How Can Workplace
Violence Be Deterred,” Security Management, April
2002, p. 134.
289
Use IRS Form 1099 Threat
For fraudsters and embezzlers,
use the threat of filling a Form 1099
for amounts stolen.
 Ask for an installment payback.
 If they stop payment, report them
to the IRS on a Form 1099.

290
KPMG provides 10 steps to follow when an
organization finds or suspects fraud:
1.
2.
3.
4.
5.
Shut the door! Keep assets secure until
you can provide appropriate long-term
security.
Safeguard the evidence. Ensure that all
records and documents necessary for
an investigation remain intact and are
not altered by you or anyone else.
Notify your insurer. Failure to notify may
negate your coverage.
Call a professional. Do not confront or
terminate the employment of a
suspected perpetrator without first
consulting your legal advisor.
Prioritize your objectives. What’s most
important: punishment, loss recovery,
prevention, detection of future
occurrences?
291
KPMG’s 10 steps to follow contd..
6.
7.
8.
9.
10.
Consider prosecution. Before you make
the call, weigh the plusses and
minuses and determine if your
insurance company requires
prosecution.
Terminate business relations. If the
fraud is external, business relations
with the suspect individual or
organization should be terminated.
Seek advice and assistance. An
important consideration is whether you
have the knowledge and resources
necessary to effectively manage the
process.
Prepare a witness list. It is important
that statements be taken before a
“party line” can develop.
Consider the message. Whatever you
do will affect future situations. Now
may be the time to change the way your
292
business operates.
Catch Me If You Can
Punishment for fraud and recovery of
stolen funds are so rare, prevention
is the only viable course of action.
Frank W. Abagnale
30 years ago Abagnale cashed $2.5
million in fraudulent checks in every
state and 26 foreign countries. Was
later associated with the FBI for 25
years.
293
Over-all Fraud Plan
Background checks
 Avoid Nepotism
 Signed Conditions of Employment Agreement
 Non-compete Agreement
 Confidentiality of Information Agreement
 Bonding
 Two-signatures on checks/ wire transfers/ lines
of credit
 Lockbox
 Positive pay
 Check security and restrictive endorsements
 Check stock (can not be scanned and it smears
easily)
 Close out cash registers at unpredictable times
 Back up computer files
 Accounting personnel can not cancel debt
 Have an internal audit
 CEO signs numbered check request form

E.J. McMillan, Policies and Procedures to Prevent Fraud &
Embezzlement, 2006, John Wiley.
294
Types of Misappropriations


Embezzlement
Cash and check
schemes







Larceny of cash
Skimming
Swapping checks
for cash
Check tampering
Kiting
Credit card refund
and cancellation
schemes

Inventory fraud



Fictitious
disbursements



Accounts receivable
fraud



Lapping
Fictitious
receivables
Borrowing against
accounts receivable
Stealing
inventory
Short shipments
with full prices


Doctored sales
figures
Sham payments
Price
manipulations:
land flipping,
pump and dump,
and cybersmearing
Money
laundering
Bid rigging
295
How Cash Is Misappropriated
%
Median Loss
Skimming
18.9%
$76,000
Cash larceny
14.2%
73,000
Billings
28.3%
130,000
Expense
Reimbursements
19.5%
25,000
Check Tampering
17.1%
120,000
Payroll
13.2%
50,000
Wire transfers
6.5%
500,000
Register Disbursements
1.7%
26,000
Inflow:
Disbursements:
Source: 2006 Wells Report, ACFE.
296
Cash Wheel
Accounts Receivable
Adjusting Entries
Accounts Payable
Depreciation
Accruals
Cash
Source: Fraud Auditing Small Businesses With The Wheel , James A. Goldstine
297
Some Employee Schemes

Embezzlement/skimming involves
converting business receipts to
one’s personal use and benefit, by
such techniques as cash register
thefts, understated/unrecorded
sales, theft of incoming checks etc.
298
Some Skimming Schemes (off-book)



Unrecorded sales.
Theft of incoming checks.
Swapping checks for cash.
Auditing Suggestions
 Compare receipts with deposits.
 Surprise cash count.
 Investigate customers complaints.
 Gross profit analysis (also for money
laundering).
 Check for reversing transactions, altered
cash counts, and register tapes that are
“lost.”
 Camera surveillance.
299
Preventive Measures






Segregation of duties, mandatory
vacations, and rotation of duties
help prevent cash larceny.
Review and analyze each journal
entry to the cash account.
Two windows at drive-through
restaurants.
Signs: Free meal if no receipt.
Blank checks and the automatic
check signing machine should be
kept in a safe place from employees.
Pre-numbered checks should be
logged and restricted to one
responsible employee. Require two
signatures on cashier checks.
300
Processing Checks Best Procedure
Step 1. The invoice is approved for payment.
Step 2. A check request form is completed.
Step 3. The CEO approves the check
request.
Step 4. The check request is forwarded to
accounting.
Step 5. Accounting processes the check.
Step 6. The CEO signs the check.
Step 7. A second designated employee (who
does not approve the payment and is
not in the accounting department)
should cosign the check. Therefore, 4
people involved.
E.J. McMillan, Policies & Procedures to Prevent Fraud & Embezzlement,
John Wiley, 2006, p.44.
301
Processing Checks Best Procedure









Invoice is approved for payment.
Check request form is prepared.
The CEO approves/ signs the numbered
check request form.
Check request form is forwarded to
accounting.
Accounting processes the check.
The check is signed by two authorized
individuals.
The check is mailed.
The bank statements are sent to the CEO’s
home (or P.O. box) for review.
The CEO forwards the reviewed bank
statements to accounting for reconciliation.
E.J. McMillan, Policies & Procedures to Prevent Fraud &
Embezzlement, John Wiley, 2006, p.45.
302
Some Employee Schemes (contd .)
Kiting: building up balances in bank
accounts based upon floating
checks drawn against similar
accounts in other banks. Wire
transferring makes kiting easier.
Auditing Suggestions
 Look for frequent deposits and
checks in the same amount.
 Large deposits on Fridays.
 Short time lag between
deposits/withdrawals.
 Bank reconciliation audit [cut-off
bank statement].
303
Some Employee Schemes (contd …)
Cut-off Bank Statement
 Shorter period of time (10-20
days).
 Bank statement sent directly to
fraud auditors.
 Compare the cancelled checks,
etc. with the cut-off bank
statement.
 Helpful for finding kiting and
lapping.
304
Cash Schemes
Other Cash Schemes
 Theft of checks (bottom or middle
of checks).
 Checks may be intercepted or
payee altered (washing checks).
 Forged endorsements
(disappearing ink).
 Stolen credit cards.
 Refund schemes.
 Kickback schemes.
305
Refund Schemes



A television station’s former
accounting director pleaded guilty
to stealing more $1.8 million from
her employees and spending it on
jewelry, paintings, and fur coats.
She would overpay the station’s
travel bills and divert the refunds
to her own credit card bills and
personal accounts.
She was sentenced to 7 ½ years
in prison on a single count of theft
from CBS affiliate WBBM – TV
Source: AP, “Ex-Accountant at CBS Affiliate Sentenced,” Las Vegas
Sun, November 5, 2003.
306
Accounts Receivable Schemes
Lapping.
 Fictitious receivables [for a
fictitious sale], which is later
written off.
 Borrowing against receivables
(use receivable as collateral).
 Improper posting of credits
against receivables.

307
Lapping
Lapping


Recording of payment on a customer’s
account some time after receipt of
payment. Later covered with receipt from
another customer (robbing Peter to pay
Paul).
Lapping is more successful where one
employee has both custody of cash and
record keeping responsibility.
308
Warning Signs of Lapping
• Increase in complaints.
• Excessive billing errors.
• Delays in posting customer
payments.
• Trend of decreasing accounts
receivable payments.
• Accounts receivable details do
not agree with the general
ledger.
309
Lapping (cont.)
Audit Steps
 Independently verifying
customers who do not pay.
 Reviewing write-offs.
 Reviewing customers’
complaints.


Compare the checks on a sample
of deposit slips to the details of
the customers’ credits that are
listed on the day’s posting to the
customer’s account receivables.
Closely monitor aging accounts.
310
How Non-Cash Assets are
Misappropriated – 2006
Category
%
Median Loss
Inventory
16.6%
$55,000
Information
3.6%
78,000
Securities
1.5%
1,850,000
Source: 2006 Wells Report, ACFE.
311
Inventory
Inventory Fraud
 Stealing inventory/supplies for personal use or
for sale at flea markets/garage sales.
 Kickback schemes (vendor/supplier and an
employee). Sale of unreported inventory at
inflated prices.
Audit Steps for Inventory Fraud
 Use renumbered inventory tags matched to
count sheets; use count procedures for workin-progress items; separate duties between
purchasing and logging receipts of shipments
 Check for same vendors.
 Prices higher than other vendors.
 Purchasing agent does not take vacation.
 Only photocopies of invoices are available.
 Aging of inventory.
 Inventory turnover
 There is data-mining software.
312
Stealing Diamond Inventory


Farrah Daly was charged with
stealing at least 39 diamonds (1
to 3 carats), one at a time over
several years from a diamond
sorting area.
She and her husband allegedly
had friends and others sell the
approximately $500,000 worth of
diamonds at pawn shops and
jewelry stores.
Source: AP, “Ohio Woman Accused of Stealing Diamonds,”
Las Vegas Sun, November 10, 2003.
313
Accounts Payable Fraud Red Flags

Duplicate payments (2% of total purchases)
$80 million times 2% = $1.6 million loss.
Extract only the numerical digits of an invoice
number and match on only the numbers portion of
the invoice.
Try identifying the dates that are similar such as
dates that are less than 14 days.
Try matching on the absolute value of the amount.
2.
Rounded-amount invoices.
3.
Invoices just below approval amounts.
4.
Abnormal invoice volume activity (two invoices one
month and 60 the next).
5.
Vendors with sequential invoice numbers.
LC 0002, LC 0003, LC 0004
6.
Above average payments per vendor.
1.


C. Warner and B. G. Dubinsky, “Uncovering Accounts Payable
Fraud,” Fraud Magazine, July/ August 2006, pp. 29-51.
314
Look For Fraud Symptoms
Source
Documents.
Journal Entries.
Accounting Ledgers.
315
Source Documents
Checks.
 Employee time cards.
 Sales invoices.
 Shipping documents.
 Expense invoices.
 Purchase documents.
 Credit card receipts.
 Register tapes.

316
Source Documents Fraud Symptoms
Photocopies
of missing documents.
Counterfeit/false documents.
Excessive voids/credits.
Second endorsements.
Duplicate payments.
Large numbers of reconciling items.
Older items on bank reconciliations.
Ghost employees.
Lost register tapes.
Lots of round numbers.
Too many beginning 9’s.
317
Journal Entries Fraud Symptoms
Out-of-balance.
Lacking
supporting documents.
Unexplained adjustments.
Unusual/numerous entries at end
of period.
Written entries in computer
environment.
Many round numbers.
Too many beginning 9’s.
318
Controls Over Journal Entries


Controls that prevent or detect unauthorized
journal entries can reduce the opportunity
for the quarterly and annual financial
statements to be intentionally misstated.
Such controls might include, among other
things, restricting access to the general
ledger system, requiring dual
authorizations for manual entries, or
performing periodic reviews of journal
entries to identify unauthorized entries.
As part of obtaining an understanding of the
financial reporting process, the auditor
should consider how journal entries are
recorded in the general ledger and whether
the company has controls that would either
prevent unauthorized journal entries from
being made to the general ledger or directly
to the financial statements or detect
unauthorized entries. Tests of controls over
journal entries could be performed in
connection with the testing of journal entries
required by AU sec. 316.
Source: PCAOB, p. 21.
319
Unusual Entries
Officer Loan
Cash
$40,000
Officers Salary
Officer Loan
$40,000
Staff Salaries
Officers Salary
$40,000
$40,000
$40,000
$40,000
----------------------------------------
Cost of Goods Sold
Inventory
$35,000
$35,000
[No related sales transaction]
---------------------------------------Allowance of Bad Debts $32,000
Account Receivables
$32,000
---------------------------------------Expense accounts where no department or person has control
 General maintenance account
 General transportation account
 Stationary/ general office supplies
 Scrap disposal accounts
 Suspense and cash sweep accounts
 Deferred asset or liability
 Contra-accounts (bad debt reserve, accumulated depreciation)
 Intercompany accounts
 Accounts over which a sole, domineering, incompetent, or frequently absent
individual has control.
320
Ledger Fraud Symptoms



Underlying assets disagree.
Subsidiary ledger different than
general ledger.
Investigate and reconcile
differences between control
accounts and supporting ledger.
Difference may be concealed
fraud.
321
Which of these statements are false?
a.
b.
c.
d.
e.
f.
g.
A high degree of competition accompanied by
declining margins would be an example of an
opportunity for fraudulent financial reporting.
Personal guarantees of debt of a company that
are significant to one’s personal net worth is an
example of a pressure/incentive for fraudulent
financial reporting.
A heavy concentration of one’s wealth in a
particular company would be an example of a
rationalization condition for fraudulent financial
reporting.
An excessive interest by management in
maintaining a company’s stock price is an
example of rationalization for fraudulent financial
reporting.
Anticipated future layoff would be an example of
an incentive to misappropriate assets.
A large amount of cash on hand would be an
example of a rationalization to misappropriate
assets.
Inadequate internal controls is an example of an
opportunity to misappropriate assets.
322
Which of these statements are false?
a.
b.
c.
d.
e.
f.
g.
A high degree of competition accompanied by
declining margins would be an example of an
opportunity for fraudulent financial reporting. F
(I/P)
Personal guarantees of debt of a company that
are significant to one’s personal net worth is an
example of a pressure/incentive for fraudulent
financial reporting. T
A heavy concentration of one’s wealth in a
particular company would be an example of a
rationalization condition for fraudulent financial
reporting. F (I/P)
An excessive interest by management in
maintaining a company’s stock price is an
example of rationalization for fraudulent financial
reporting. T
Anticipated future layoff would be an example of
an incentive to misappropriate assets. T
A large amount of cash on hand would be an
example of a rationalization to misappropriate
assets. F (O)
Inadequate internal controls is an example of an
opportunity to misappropriate assets. T
323
Payroll
Payroll Schemes
 Ghost Employee: A person on the
payroll who does not work for that
company.
 False Workers’ Compensation
claims: Fake injury to collect
disability payments.
 Commission schemes: Falsify
amount of sales or the
commission rate.
 Falsify hours and salary:
Exaggerate the time one works or
adjusts own salary.
324
Stop Ghost Employees







Ensure that the payroll preparation, disbursement and
distribution functions are segregated.
Look for paychecks without deductions for taxes or
Social Security. Completely fictitious employees
frequently don’t have any.
Examine payroll checks that have dual endorsements.
Although most of them are legitimate, two signatures
could signal the forgery of a departed employee’s
endorsement, which the thief also endorses and
deposits into his or her own account.
Use direct deposits. This method, although not
foolproof, can cut down on payroll chicanery by
eliminating paper paychecks and the possibility of
alteration, forgery and most theft, although it doesn’t
prevent misdirection of deposits into unauthorized
accounts.
Check payroll records for the presence of duplicate
names, addresses and Social Security numbers.
On occasion, hand-deliver paychecks to employees and
require positive identification. If you have leftover
paychecks, make sure they belong to actual employees,
not ghosts.
Be wary of budget variations in payroll expense. Higherthan-budgeted labor costs can indicate ghost
employees.
Source: J. T. Wells, “Keep Ghosts Off The Payroll,” Journal of Accountancy,
December 2002.
325
Some Employee Schemes (contd …)
Fictitious Disbursements
 Multiple payments to same payee.
 Multiple payees for the same product or
service.
 Inflated invoices.
 Shell companies and/or fictitious
persons.
 Bogus claims (e.g., health care fraud and
insurance claims).
 Overstate refunds or bogus refunds at
cash register.
 Many fictitious expense schemes (e.g.,
meals, mileage, sharing taxi, claiming
business expenses never taken).
 Duplicate reimbursements.
 Overpayment of wages.
326
Some Employee Schemes (contd …)
Other Fraud Schemes
 Stealing inventory/scrap.
 Stealing property.
 Theft of proprietary assets.
 Personal use of assets.
 Shoplifting.
 False down grading of products.
 A land flip involves a situation where a
company decides to purchase land for a
project. A person or group will find the land and
buy it under a front name or company. The
fraudster then increases the price of the land
before selling it to the company.
 Money laundering is the use of techniques to
take money that comes from one source, hide
that source, and make the funds available in
another setting so that the funds can be used
without incurring legal restrictions or penalties.
327
Forensic Auditing Steps







Count the Petty Cash Twice in a
Day
Investigate Suppliers (Vendors)
Investigate Customers’ Complaints
Examine Endorsements on
Canceled Checks
Add Up the Accounts Receivable
Subsidiary
Audit General Journal Entries
Match Payroll to Life and Medical
Insurance Deductions
Source: Jack C. Robertson, Fraud Examination for Managers
and Auditors, Austin, TX: Viesca Books, 2000, pp. 213-216.
328
Forensic Auditing Steps (contd …)








Match Payroll to Social Security
Numbers
Match Payroll with Addresses
Retrieve Customer’s Checks
Use Marked Coins and Currency
Measure Deposit Lag Time
Document Examination
Inquiry, Ask Questions
Covert Surveillance
Source: Jack C. Robertson, Fraud Examination for Managers
and Auditors, Austin, TX: Viesca Books, 2000, pp. 213-216.
329
Vendor Allowances
• In exchange for better shelf space or advertisement
mentioning its products, a merchandise vendor will
pay stores an extra fee--an allowance often based
upon the amount of products sold.
• Employees at OfficeMax “fabricated supporting
documents for approximately 3.3 million in claims
billed to a vendor to its retail business.” Six
employees were fired, and CEO Christopher Milliken
resigned.
• The SEC sued three former executives in December
2004 at Kmart Holding Corp. for their role in a $24
million accounting fraud that booked these allowances
early.
•The SEC settled a case in October 2004 with Ahold
NV involving allegations of fraudulent inflation of
promotional allowances at U.S. Foodservice, Inc. unit.
Source: David Armstrong, “OfficeMax Results To Be Restated; CEO Steps
Down,” WSJ, February 15, 2005, p. A-3.
330
Potpourri of Bribes

Vernon Jackson admitted to bribery of Rep. William
Jefferson, D-LA. More than $400,000 to one million
paid to a company controlled by the congressman’s
wife in exchange for help promoting iGate. Gave 24%
stake in iGate and paid $80,000 in travel expenses to
Africa. [$90,000 found in Jefferson’s freezer.]

Two prominent Baton Rouge restaurateurs and four
other businessmen accused of bribing a parish tax
auditor and an undercover FBI agent with cash,
diamonds, trips, whiskey and women to avoid paying
taxes on $10 million, face federal charges.
An indictment alleges Laymon offered an undercover
FBI agent posing as an East Baton Rouge Parish
auditor $800, a weekend trip to Costa Rica and two
prostitutes a day if he concluded that Arzi’s didn’t owe
any sales tax. BR Advocate (12-17-06).
331
Potpourri of Bribes

A Greek prosecutor is investigating claims that
Siemens Greece paid up to $550 million in bribes to
officials at the defense and interior ministries in order
to win a security contract for the 2004 Olympic games
in Athens. A senior Siemens accountant said bribery
was a common practice at Siemens.

A Paris judge launched an investigation into
allegations that Total, a French oil and gas group, paid
bribes to win a $2 billion gas contract in Iran. The
investigation stems from the discovery of $82 million
in two Swiss bank accounts, allegedly by Total to an
Iranian intermediary to help the French company
consortium to win an Iranian contract.

A report claims that AWB, the company responsible for
selling Australia wheat, paid over $221 million to Alia,
a Jordanian hauling company, ostensibly to distribute
its wheat in Iraq. In fact, the money was going to the
Iraq government.
332
Potpourri of Bribes

Armstrong Williams, an American columnist and
television host, was paid $240,000 by the Dept. of
Education to comment regularly on “No Child Left
Behind,” an education-reform bill.

Nineteen individuals indicated for receiving bribes and
rigging bids for school window washing contracts.

Congressman Randy Cunningham, R-Calif., resigned
from Congress (2005), hours after pleading guilty to
taking at least $2.4 million in bribes to help friends
and campaign contributors win defense contracts.
Prosecutors said he received cash, cars, rugs,
antiques, furniture, yacht club dues, moving expenses,
and vacations from four co-conspirators in exchange
for aid in winning defense contracts.

In January 2007, Peter Hartz was given a two year
suspended prison sentence and fines for bribing the
head of the labor union ($3.25 million) for secret
bonuses and fake consultancy fees. Involved sex
holidays and paying for prostitutes for labor officials.
333
Potpourri of Bribes

In the 1950s in the U.S., record companies would
pay money for the broadcast of records on radio,
called payola. Now outlawed.

In England, police interviewed Prime Minister
Tony Blair in February 2007, about allegations
that honors, including seats in the House of Lords
and Knighthoods, were given to individuals who
loaned money to the Labour party ($9.8 million).

Under Bill Clinton, Democratic National
Committee donors were allowed to spend the
night in the Lincoln bedroom for a contribution of
$150,000 (e.g., Chairman of Occidental
Petroleum). Then in 1997, Clinton made an
exception so that OP could pursue a venture in
Sudan.

A lawsuit in February 2007, alleged that Intel
provided secret kickbacks to Dell in order to
ensure it remained the computer makers sole
microprocessor supplier.
334
Bribes/ Kickbacks Scenario
Something of Value
Later Influence an Official Act
Cash
Gifts
Trips
Entertainment
Drugs
Sexual favors
Loans
Credit cards
Fees
Spouse’s high salary
Discounts (e.g.,
house)
Awarding Selection
Higher Prices
Excessive Quantity
Accepting Lower Quality
No, Delayed, or Short Delivery
•Prove the corrupting influence
circumstantially through factors on the right,
or outsider received more and more business as
the insider gets more and more value.
•Use indirect methods on employee.
335
Some Bribery Red Flags









Lack of standard invoices.
Requests for fund to be routed to a foreign bank.
Requests for checks made payable to “cash” or to
“the bearer.”
Commission substantially higher than going rate.
Requests for a large line of credit from a customer.
Insistence by a government official that a certain
third-party agent or supplier be used.
Lack of staff or facilities to actually perform the
service.
Request by a local agent for a rate increase in the
middle of negotiations.
Suggested need to utilize more than one local
agent.
Source: M. T. Biegelman and J. T. Bartow, Executive Roadmap
to Fraud Prevention and Internal Controls, John Wiley,
2006, pp. 325-326.
336
Duty to Cooperate
337
Audit Rights
1. Audits under clause 2 may be conducted of:
a)
b)
c)
d)
e)
f)
the Contractor's practices and procedures as they relate to the Contract, including security
procedures;
the manner in which the Contractor performs its obligations under the Contract;
the compliance of the Contractor's invoices and reports with its obligations under the
Contract;
the Contractor's compliance with all its obligations under the Contract;
the Contractor's compliance with its confidentiality, privacy, security and Commonwealth
policy obligations under the Contract; and
any other matters determined by [Agency] to be relevant to the performance of the
Contractor's obligations under the Contract.
2. Audits
i.
The Contractor must participate in audits of the Contract at the frequency and in relation to
the matters specified by [Agency], (including on an ad hoc basis if requested by [Agency]),
for the purpose of ensuring that the Contract is being properly performed and administered.
[Agency] may appoint an independent person to assist in the audits. Audits may consider all
aspects of the Contractor's performance including but not limited to any performance
indicators, benchmarks or targets.
ii.
The Contractor must participate promptly and cooperatively in any audits conducted by
[Agency] or its nominee.
iii.
Except for those circumstances in which notice is not practicable or appropriate (eg. caused
by a regulatory request with shorter notice or investigation of theft or breach of contract),
and without limiting any other right, recourse or remedy of [Agency], must give the
Contractor reasonable notice of an audit and where reasonably practicable an indication of
which documents and/or class of documents the auditor may require.
iv.
Subject to any express provisions in the Contract to the contrary each party must bear its
own costs of any audits.
v.
Subject to clauses 2.6 and 3.6, the requirement for, and participation in, audits does not in
any way reduce the Contractor's responsibility to perform its obligations in accordance with
the Contract.
vi.
[Agency] must use reasonable endeavors to ensure that audits performed pursuant to clause
2.1 do not unreasonably delay or disrupt in any material respect the Contractor's
performance of its obligations under the Contract.
vii.
[Any amendments to the Contract resulting from audits must be effected by agreement in
writing between the parties in accordance with the Contract amendment provisions of the
Contract.]
viii.
The Contractor must promptly take, at no additional cost to [Agency], corrective action to
rectify any error, non-compliance or inaccuracy identified in any audit in the way the
Contractor has under the Contract:
(a) supplied any goods or services; or
(b) calculated fees, or any other amounts or charges billed to [Agency].
338
Purchasing Agent’s Kickback
Checklist












He or she doesn’t take time off.
The purchasing agent has personal financial
problems.
The agent’s lifestyle is too extravagant for his or
her income.
Close personal relationship between purchasing
agent and vendor.
Favoritism toward one vendor.
Excessive purchases from one vendor.
Prices charged are higher than market average.
Expenditures come in just under the review limit.
Multiple purchases over a short period.
Substandard products or services.
Accelerated payment of invoices.
Sole-source purchases of merchandise or services.
Be sure different personnel handle the following duties:
vendor approval, purchase requisitions, purchase
approval, receiving, and payment (e.g., separation of
duties).
Source: J. T. Wells, “The Case of the Pilfering Purchasing Manager,”
Journal of Accountancy, May, 2004.
339
Red Flags for Phantom Vendors








Invoices for unspecified consulting or
other poorly defined services.
Unfamiliar vendors.
Vendors that have only a post-office-box
address.
Vendors with company names consisting
only of initials. Many such companies are
legitimate, but crooks commonly use this
naming convention.
Rapidly increasing purchases from one
vendor.
Vendor billings more than once a month.
Vendor addresses that match employee
addresses.
Large billings broken into multiple smaller
invoices, each of which is for an amount
that will not attract attention.
Source: J. T. Wells, “Billing Schemes Part I: Shell Companies
That Don’t Deliver,” Journal of Accountancy, July, 2002.
340
More Phony Vendors Red Flags








Ensure those involved in purchasing cannot
approve vendors.
Before approving a new vendor, evaluate its
legitimacy by
Obtaining its corporate records and other relevant
documents.
Checking its credit rating.
Confirming that it is listed in telephone directories.
Contacting its references from clients and others.
Being particularly cautious about a vendor with a
post-office-box address or a name composed
entirely of initials.
Determining whether its business address
matches any employee’s home address.
Once the company approves a new vendor, the CPA
should closely monitor the account by



Watching for increases in the amount or frequency
of billings.
Observing variances from budgets or projections.
Comparing its prices with those charged by other
sources.
Source: J. T. Wells, “Billing Schemes Part I: Shell Companies That Don’t
Deliver,” Journal of Accountancy, July, 2002.
341
Some Forensic Accounting
Tools











Chain of Custody.
Questioned Documents.
Continuous Controls.
Timeline Analysis.
Tracing Schedule.
Link Analysis.
Invigilation.
Genogram.
Proof of Cash.
Entity Charts.
Full - and False – Inclusion Tools.
342
Chain of Custody





Just as in the movies or on a
television show such as CSI,
forensic accountants must
safeguard evidence through a
financial chain of evidence.
There must be a way to show that
the evidence has not been
tampered with or damaged.
If documents are seized, the
forensic accountant should put his
or her initials and date of the
seizure on the back of each
document.
Or put the document in a
transparent envelope and write a
description on the envelope.
Store the original and work only with
a copy.
343
Enforcement Manual
Enforcement Manual
History and Custody of Documents
U.S. Department of Labor
Pension and Welfare Benefits
Administration
Date _______________________________
Case Number________________________
Case Name __________________________
22. How were the documents obtained?
____ By consent (note any significant comments of the principal or third party
witness and any unusual circumstances which occurred)?
____ By legal process (describe).
2.
What is the relationship between the documents and the person submitting
them?
22. Were manual transcripts or facsimile copies made of any of the documents
either in whole or in part?.
______ Yes ______No
If Yes, list documents copies. Manner of reproduction
22. Have all copies been compared with the original documents and identified?
_____Yes _____No
If No, why not?
22. Were the original documents described herein under your control or
supervision at all times prior to their return to the principal, third party witness, or
representative?
_____Yes _____No
If No, set forth circumstances of any transfer in control.
22. Did the principal, third party witness, or a representative request access to
the documents during your custody?
___ Yes ___ No
If Yes, who requested access and what action was taken?
Signature ___________________
Title ________________________
PWBA 219
(May 1987)
344
Continuous Monitoring
• Correlation is well suited to environments where there
are (a) a large number of audit units (departments,
divisions, franchisees, or customers, etc.), (b) a series of
time-stamped revenues, expenses or loss amounts, and (c)
the goal of developing a formal process to compare each
audit unit against a valid benchmark.
• Correlation and time-series analysis are techniques that
could be used by forensic accountants in a monitoring
role to find evidence of intentional or unintentional errors
in situations where there are many audit units.
• The techniques could be used to proactively search for
errors without any preconceived belief as to their
existence, magnitude, or pervasiveness, or where the
forensic accountant seeks to provide additional evidence
showing that such errors occurred after the errors were
detected using some other detection method.
• If intentional errors were discovered using other methods
of discovery, then the techniques could be used by the
forensic accountant to show that the revenue or
expenditure or loss streams of an audit unit differed
significantly from a valid benchmark.
M. J. Nigrini, “Monitoring Techniques Available to the Forensic Accountant,” J. of Forensic
Accounting, Vol. 7, 2006, pp. 321-344.
345
Continuous Monitoring
• Management engages an independent outside supplier to
install and manage software to continuously analyze
every transaction within business applications to detect
improper activities and anomalies that indicate errors,
control overrides, and fraud [Oversight Systems].
• The software sorts incidents into errors, misuse, and
fraud (a detective control).
• Suspicious transactions can be identified and categorized
for future follow-up.
• Flag items such as manual income-increasing
adjustments, adjustments made late in the year, large
dollar amounts.
• Large companies with revenues over $1 billion.
• Over the course of a year monitoring each module (e.g.,
A/P, Sales, G/L) is designed to cost approximately the
amount the company would pay for one fulltime internal
auditor per module.
• One company saved $2 million of external auditing fees
for using C/M in the 404 area.
D. R. Hermanson, B. Moran, C. S. Rossie, and D. T. Wolfe, “Continuous Monitoring of Transactions to Reduce Fraud,
Misuse, and Errors,” J. of Forensic Accounting, Vol. 7, 2006, pp. 17-30.
346
Timeline Analysis




Timeline analysis (TA) may be used
to show the chronology of a dispute,
and certain software tools can
prepare trial exhibits.
Investigative analysis software can
show all detail from the beginning of
the event until the apprehension of
the target.
TA helps forensic accountants
communicate the timing of case
related events and summarizes the
investigation.
Each link of the timeline chart
includes a reference to a source or
a direct link to a database. An
insurance fraud scheme timeline
from i2 Inc is shown in the next
Table:
347
Insurance Fraud Scheme
348
Tracing Schedule

A tracing schedule can be
used to show the flow of funds
from bank-to-bank, from bankto-entity, from entity-to-entity,
or from person-to-person.

A tracing schedule is helpful in
money laundering cases.
349
Link Analysis




Link analysis (LA) is a subset of
network analysis which shows
associations between people and
data.
For example, a link analysis could
compare the mailing addresses of
company executives and the cell
phone numbers that they have
dialed during a given time frame.
LA provides crucial relationships
between many objects of different
types that are not apparent from
isolated pieces of data.
Table 5.1 is an example of LA with
respect to the primary suspect,
David Hoover.
Wikipedia, the free encyclopedia, en.wikipedia.org. Stuart Weiss,
“Forensic Accounting Tools and Techniques,” The Value
Examiner, January/ February, 2007, pp. 12-13.
350
Table 5.1 Link Analysis
351
Invigilation




Invigilation is a rather expensive
investigating technique that can be
used in potential fraud situations to
discover the fraud and can later be
used in the courtroom.
Here detailed records are kept
before and after the invigilation
period to determine the amount of
fraud.
During the invigilation period strict
controls are imposed (e.g., cameras)
so that the fraud is virtually
impossible.
Or the invigilation period could be
while the suspect is on vacation.
352
Invigilation Technique
No controls
Controls or
vacation
No controls
14 days
14 days
14 days
$67,000 lost
$0 lost
$62,000 lost
353
Genogram





A genogram is a pictorial display of
personal relationships among
related or unrelated parties.
There are software programs that
are custom designed for
genograms, such as GenoPro 2007
($49 at www.genopro.com).
Simple symbols represent the
gender (box for male and circle for
female), with various lines to
illustrate family relationships.
People who are not related would
not be connected with a line, but
could be placed on the genogram.
They can lead to determining the
motive of a crime or provide
evidence that the person had no
direct involvement in the fraud.
354
Genogram
355
Proof of Cash



The proof of cash procedure is similar to
a bank reconciliation, except more
detailed and extensive.
This procedure can be used to verify that
cash accounts on the books are in
agreement with the cash transactions
recorded by the bank.
The Wyoming Department of Audit’s
proof is shown as Table 5.2.
356
Table 5.2
357
Entity Charts





Entity charts show entities and
owners with the relationship between
them.
The charts can show how income and
assets are diverted, particularly
among seemingly unrelated parties
and entities.
Microsoft Excel drawing tools may be
used to prepare entity charts.
For example, an entity chart could
show the creation date of off-shore
bank accounts and the subsequent
decrease in the target’s U.S. bank
accounts.
Or identification of other unrelated
parties may suggest additional
investigation is needed.
D. D. Dorrell and G. A. Gadawski, “Financial Forensics II,” May, 2005, Vol. 3,
No. 3, p. 50.
358
Full – and – False Inclusion
Tests

These tests are used to ascertain
the proper universe of data under
investigation, so that no
appropriate data is excluded and
no extraneous data is included.

Full-and-false inclusion tests may
be helpful for finding hidden
assets.
359
Questioned Documents
Invoices and other documents may be
fake or altered when
 Font sizes or types are not consistent
 No address is shown for the vendor or
customer; this situation is especially
suspicious if a vendor has not identified an
address to which a check can be sent.
 The document has no identifying numbers
such as invoice number, purchase order
number, or customer number.
 All invoice numbers – on invoices from
vendors – are numbered sequentially, with no
numbers skipped.
 No tax is shown for taxable items.
 No shipping or freight cost is shown for items
that would have been shipped at the
purchaser’s expense.
 Little or no detail is provided on the invoice or
document.
T. W. Golden, S. L. Skalak, and M. M. Clayton, A Guide to Forensic Accounting
Investigation, Hoboken, N.J.: John Wiley & Sons, 2006, pp. 156-157.
360
A Stamp Perforation match
Paper shreds demonstrating different optical properties
under ambient and specialized lighting
Inks of different intensities used on the same
document
361
Exhibit 70A-1
Sample Engagement Letter 1—Litigation Services
CPA & Company
Anytown, USA
September 4, 200X
John A. Smith, Esq.
Smith, Smith & Jones
100 Courthouse Way
Anytown, USA
Dear Mr. Smith:
You have asked me to read and analyze certain documents relating to a lawsuit brought against
your client, XYZ Company. You have also asked that I be available to testify at the time of trial
should you decide to use me as an expert witness. Any written reports or other documents that I
prepare are to be used only for the purpose of this litigation and may not be published or used for
any other purpose without my written consent.
Irrespective of the outcome of this matter, I understand that you will compensate me at my
standard hourly rate (currently $___) for all time spent, including travel, whether or not the
engagement is completed or its results are used. You will also compensate me for any out-ofpocket costs that I may incur. I will submit bills monthly, which are due and payable on receipt
and in all events prior to the commencement of my testimony.
[Optional sentence: Before commencing work on this engagement, I would like a retainer of $___
which will be applied to final billing on this engagement or refunded to the extent that it exceeds
such billing.]
Any controversy or claim arising out of or relating to this contract, or the breach thereof, shall be
settled by binding arbitration, in [insert desired venue], in accordance with the Commercial
Arbitration Rules of the American Arbitration Association, and judgment upon the award rendered
by the arbitrator may be entered in any court having jurisdiction thereof.
I look forward to assisting you in this matter and hope that my services will be beneficial. If you
approve of the engagement terms described above, I would appreciate your signing the enclosed
copy of this letter and returning it to me.
Sincerely yours,
Accepted:
John Jones, CPA
Name of attorney's firm
362
Exhibit 70A-2
Sample Engagement Letter 2—Litigation Services
[Optional additions are bracketed]
CPA & Company
Anytown, USA
September 4, 200X
John A. Smith, Esq.
Smith, Smith & Jones
100 Courthouse Way
Anytown, USA
Dear Mr. Smith:
The purpose of this letter is to summarize our understanding of the assistance that CPA &
Company will provide to you and your client, XYZ, Inc. in the matter of XYZ, Inc. v. ABC
Corporation et al. before the Superior Court of the State of California, County of Los Angeles,
which matter is Case. No. XXXXXX.
You have requested that we assist you with analysis and consultation with regard to the XYZ
litigation matter as you may direct. I would also be prepared to provide testimony at deposition
and trial should you decide that to be appropriate.
I will be responsible for the performance of our engagement with you and your client. My hourly
billing rate is $XXX. From time to time, if necessary, other professionals may also assist when
appropriate and needed. The hourly rates for our professionals are in the following ranges: Senior
managers and managers — $XXX to $XXX; senior accountants and senior consultants — $XXX
to $XXX; and consultants — $XXX to $XXX. [Our hourly rates are subject to change from time
to time. We will advise you immediately if the rates are being adjusted by our firm.]
Fees for our services are based upon the actual time expended on the engagement at the standard
hourly rates for the individuals assigned. In addition to our professional fees, we are reimbursed at
cost for any travel and out-of-pocket expenses. Bills are rendered and are payable monthly as
work progresses. [We reserve the right to defer rendering further services until payment is
received on past due invoices.]
[Our normal practice is to obtain a retainer, and we herewith request such a retainer in the amount
of $XX,XXX. This retainer is not intended to represent an estimate of the total cost of the work to
be performed. The retainer will be held against the final invoice for the engagement; any unused
retainer will be refunded.]
363
Exhibit 70A-2
Sample Engagement Letter 2—Litigation Services
We are certain that you recognize that it is difficult to estimate the amount of time that this
engagement may require. The time involved depends upon the extent and nature of available
information, as well as the developments that may occur as work progresses. It is our intention to
work closely with you to structure our work so that the appropriate personnel from our staff are
assigned to the various tasks in order to keep fees at a minimum.
[Furthermore, you, your client and I, all agree that any dispute over fees charged by our firm in
this engagement will be submitted for resolution by arbitration in accordance with the rules of the
American Arbitration Association. Such arbitration is limited only to the issue of fees charged and
shall be binding and final. In agreeing to arbitration, we each acknowledge that in the event of a
dispute over fees, each of us is giving up the right to have the dispute decided in a court of law
before a judge or jury and instead are accepting the use of arbitration for resolution.]
[You or your law firm or the court itself will advise us (with sufficient notice) of the work to be
performed by us and the requirement for appearance in court. If there is a substitution or change
in the association of attorneys involved in this litigation, we reserve the right to withdraw from this
engagement.]
If the arrangements described in this letter are acceptable to you and the services outlined are in
accordance with your requirements, please sign and return a copy of this letter. We look forward
to working with you in this matter. If I can provide you with any additional information, please do
not hesitate to call me at (555) 123-4567.
The proposed terms of this letter are subject to change if not accepted within 60 days of the date of
this letter.
Very truly yours,
_______________________
(Name and Title)
CPA & Company
The services described in this letter are in accordance with our requirements and are acceptable to
me and my client.
Accepted:
John A. Smith, Esq.
Smith, Smith & Jones
Date
364
365
The End Is
Here
366