1
© 2011 DeVry/Becker Educational Development Corp. All rights reserved.
The copyright in this material is owned by DeVry/Becker Educational Development Corp., or where specifically indicated, by the original creator of the
material. None of this material may be copied, reproduced, republished, or displayed in any form or by any means, including, bu t not limited to, electronic,
mechanical, photocopying, or otherwise, without the prior written permission of DeVry/Becker Educational Development Corp. or the copyright owner.
Accountants' Responsibilities
Regarding Fraud Today, Part 1
2
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 2
Major Topic/Concept Index
Course Section Slide Number Major Topics/Concepts
Employee Fraud 79–133
• Categories
• Financial Statement Fraud Defined
• Methods
Fraud: The CPA's Responsibility 13–57
• General Responsibilities
• Sarbanes-Oxley Act Duties
• Corporate Responsibility
• Independent Auditor
Fraud: The Issues 5–12
• Impact
• The Associated Costs
• The Ways Fraud Is Committed
Prevention of Financial
Statement Fraud 134–141
• Reduce Pressures
• Reduce the Opportunity
• Reduce Rationalizations
Profile of Employees
Who Commit Fraud 58–78
• Three Elements of Fraud
• Pressures/Incentives
• Opportunity
• The Fraud Elements Lesson
3
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 3
Learning Objectives & Program Content
Learning Objectives:
In this first of this two-part course, participants will learn how to help protect companies, employees and
investors from the most common and disastrous forms of fraud today through effective internal control
guidance practices. See how the CPA’s duties relate to fraud and are guided by standards and
legislation. After the completing the session you will be able to:
• Outline the cost of fraud and ways it is committed.
• Define the CPA’s general duties relating to fraud as defined by SAS No. 99, Sarbanes-Oxley,
Private Securities Litigation reform Act, etc.
• Outline the profile of employees who commit fraud.
• Define the major categories of employee fraud, the impact, and how they are committed.
• Identify how to prevent financial statement fraud.
Program Prerequisites: None
Program Level: Basic
Program Content/Course Description:
With fraud devastating to large and small companies alike today – nearly one in four instances caused
at least $1 million in losses, with fraudulent financial statements the most expensive form of fraud –
CPAs are in a unique position to help address this critical issue. In this two-part course you will learn
what motivates people to commit fraud, CPA’s responsibilities and how financial statement fraud can be
prevented.
Advance Preparation: None Field of Study: Auditing
4
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 4
Fraud: The Issues
Fraud: The CPA's Responsibility
Profile of Employees Who Commit Fraud
Employee Fraud
Prevention of Financial Statement Fraud
Resources
5
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 5
Fraud: The Issues
Fraud: The CPA's Responsibility
Profile of Employees Who Commit Fraud
Employee Fraud
Prevention of Financial Statement Fraud
Resources
6
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 6
Fraud: The Issues
I. Fraud: The Issues
A. Fraud's impact must be addressed by all CPAs.
1. To restore and improve public confidence in business and the
accounting profession.
2. CPAs are ideally positioned to help address the issues of
fraud.
3. Fraud has devastated large and small companies, employees,
and investors.
7
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 7
Fraud: The Issues
B. Fraud: The Associated Costs
The Association of Certified Fraud Examiners' (ACFE) 2010 Report
to the Nations on Occupational Fraud and Abuse (covering the
period from January 2008 through December 2009), for the first
time extended beyond U.S. borders to include reported fraud cases
from around the world. The following findings were noted:
1. Occupational fraud and abuse causes 5% of business revenue
to be lost each year. Extrapolated to global output this
represents a potential fraud loss of more than $2.9 trillion.
2. The median loss in this study was $160,000 with nearly ¼ of
the cases causing losses of at least $1 million.
3. Asset misappropriation was the most common type of fraud,
occurring in 90% of all reported cases, but was the least costly,
causing a median loss of $135,000.1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
8
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 8
Fraud: The Issues
4. Fraudulent financial statements represented only 5% of fraud
cases studied, but were the costliest form of fraud with a
median loss of more than $4 million.
KEY POINT
It is worth mentioning that the latest COSO report on Fraudulent Financial
Reporting determined that the average fraud period extended over 31.4 months,
an increase of nearly 8 months from their earlier study released in 1999. This,
despite the fact that the most recent COSO research included data gathered
after the passage of the Sarbanes-Oxley legislation. More information from the
COSO study is included later in this course, including an extended discussion of
the varying methods used by the COSO and ACFE researchers.2
2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of
Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.
9
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 9
Fraud: The Issues
5. Tips continue to be the most effective method for detecting
fraud, consistent with the AFCE's 2002 study and every annual
study since then.
6. Fraud perpetrators often signal their illicit activity, most
frequently by living beyond their means (43% of cases), and
experiencing financial difficulties (36% of cases).
7. Small businesses (defined as those with less than 100
employees) continue to be the most likely targets for fraud as
these smaller organizations typically lack the controls in place
at larger businesses.1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
10
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 10
Fraud: The Issues
8. Who are the most likely perpetrators?
a. Accounting department personnel (22%)
b. Operations staff (18%)
c. Sales personnel (13.5%)
d. Executives or upper management (13.5%)
e. Customer service (7.2%)
f. Purchasing personnel (6.2%)
KEY POINT
These six groupings accounted for just over 80% of all reported fraud cases in this
most recent ACFE report.1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
11
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 11
Fraud: The Issues
C. The ways fraud is committed consistently fall into three major
categories.
1. These categories are:
a. Misappropriations of assets.
b. Fraudulent financial statements.
c. Corruption.
2. A discussion of these specific types of fraud follows later in this
course, in the section titled "Employee Fraud."
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
12
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 12
Fraud: The Issues
KEY POINT
The statistics just cited come from the ACFE report on occupational fraud. As
highlighted later in this course, the COSO study used a different methodology
and focused on financial statement fraud. The COSO study reported a median
fraud of $12.05 million, more than three times larger than the 1999 COSO study
results and six times larger than the ACFE study results (median ACFE financial
statement fraud in the U.S. = $1.73 million).2
Both studies do agree that financial statement fraud is the costliest fraud that
occurs today.
2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of
Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.
13
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 13
Fraud: The Issues
Fraud: The CPA's Responsibility
Profile of Employees Who Commit Fraud
Employee Fraud
Prevention of Financial Statement Fraud
Resources
14
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 14
Fraud: The CPA's Responsibility
II. Fraud: The CPA's Responsibility
A. Introduction
The general duties with regard to fraud are mandated by a number
of standards and laws including:
1. Sarbanes-Oxley (2002).
2. Statement on Auditing Standards (SAS) No. 99, "Consideration
of Fraud in a Financial Statement Audit" (2002).
3. Private Securities Litigation Reform Act (1995).
15
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 15
Fraud: The CPA's Responsibility
B. General Responsibilities Pertaining to the Management Within
a Company Including Its Officers and Directors
1. Duty of Care
Officers and directors occupy a fiduciary relationship with the
corporation. Directors and officers are required to act in good
faith and with due care. Legally, they are required to exercise
"that degree of care usually expected of a reasonably prudent
and diligent person under similar circumstances."
16
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 16
Fraud: The CPA's Responsibility
2. Duty of Loyalty
Directors and officers must act in the best interest of the
corporation and should refrain from self-dealing.
EXAMPLE
Breaches of the Duty of Loyalty
1. Knowingly and willingly misstating the business results of the company.
2. Approving related party transactions that benefit friends or relatives at the
expense of the company.
3. Padding personal expense report.
4. Accepting kickbacks or bribes.
17
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 17
Fraud: The CPA's Responsibility
C. Sarbanes-Oxley Act Duties
1. Officers and Directors
The Chief Executive Officer and Chief Financial Officer of
public companies must personally certify annual and quarterly
SEC filings (required by Section 302).
2. Corporate Responsibility for Financial Reports
a. SEC report being filed must be reviewed.
b. Financial report must not contain any untrue statements,
or omit any material facts necessary to prevent misleading
statements.
c. Financial statements must fairly present, in all material
respects, the financial position, results of operations, and
cash flows.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
18
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 18
Fraud: The CPA's Responsibility
3. Public Company Audit Committees
Responsibilities and membership:
a. The audit committee is responsible for overseeing the
appointment, compensation and work done by the audit
firm.
b. Each audit committee member shall be a member of the
issuer's board of directors and shall be independent.
c. The member can only receive compensation from the
issuer for his or her position on the board of directors and
cannot accept any other compensation from the issuer or
be affiliated with the issuer.
d. The SEC can exempt persons from these requirements.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
19
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 19
Fraud: The CPA's Responsibility
4. The Audit Committee Shall Establish Procedures for:
a. Treatment of complaints received by the issuer regarding
accounting, internal accounting controls and auditing
matters.
b. Confidential, anonymous submission by the issuer's
employees concerning questionable accounting
procedures.
5. Authority and Funding
Audit committees must be sufficiently funded and have
authority to hire independent advisers.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
20
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 20
Fraud: The CPA's Responsibility
D. Corporate Responsibility (Sarbanes-Oxley Act)
Corporate Responsibility
Title 3, Sections 301-308
Sec. 301
Adds additional provisions to the Securities Exchange Act of 1934 relating to
Audit Committee Standards:
• Makes the Audit Committee responsible for the appointment, compensation
and oversight of the work of any registered public accounting firm employed
by the issuer.
• Requires members of the Audit Committee be on the Board of Directors
and otherwise independent.
• Requires Audit Committees to establish procedures for the receipt,
retention and treatment of complaints received concerning accounting,
internal accounting controls or auditing matters as well as the anonymous
submission by employees concerning questionable accounting or auditing
matters.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
21
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 21
Fraud: The CPA's Responsibility
Sec. 302
Requires the CEO and CFO to certify with respect to each annual or quarterly
report of the issuer, that:
• The signing officer has reviewed the report, and
• The report fairly presents, in all material respects, the operations and
financial condition.
Sec. 304
CEOs and CFOs must reimburse their companies for any bonuses, incentive-
based or equity-based compensation, and any profits realized from the sale of
securities of the issuer during the one-year period following an accounting
restatement due to material non-compliance.
Sec. 306
Prohibits any director or executive officer of an issuer of any equity security
from, directly or indirectly, purchasing, selling or otherwise acquiring or
transferring any equity security of the issuer during a pension plan blackout
period that temporarily prevents plan participants or beneficiaries from
engaging in equity securities transactions through their plan accounts.
ntinued)
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
Corporate Responsibility (continued)
Title 3, Sections 301-308
22
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 22
Fraud: The CPA's Responsibility
Sec. 307
Requires the SEC to issue rules setting minimum standards of professional
conduct for attorneys appearing and practicing before the SEC, including:
• Requiring attorneys to report evidence of a material violation of securities
law or breach of fiduciary duty or similar violation by the issuer to the
general counsel or CEO of the issuer.
• If the general counsel or officer does not appropriately respond to the
evidence, requiring the attorney to report the evidence to the Audit
Committee or to another committee of the Board comprised solely of
directors not employed by the issuer, or to the Board of Directors.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
Corporate Responsibility (continued)
Title 3, Sections 301-308
23
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 23
Fraud: The CPA's Responsibility
1. Corporate Responsibility for Financial Reports
Companies filing Forms 10-K and 10-Q reports must have the
CEO, CFO, or similar person certify in each report that:
a. The report is true, does not contain material deficiencies
and fairly represents the issuer's financial position based
on the officer's knowledge.
b. The signing officer is responsible for establishing internal
controls, has designed the controls to ensure that material
information is made known to the officer, and has
evaluated the controls within 90 days of the report.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
24
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 24
Fraud: The CPA's Responsibility
c. The signing officer has disclosed to the issuer's auditors
and the audit committee all significant deficiencies in
internal control design that might adversely affect the
issuer's ability to process financial data and also any fraud
(whether or not material) involving management or other
employees with a significant role in the issuer's internal
controls.
d. The signing officer has indicated any significant changes
in internal controls that could affect internal controls after
the date of the evaluation.
e. SOX imposes criminal fines of up to $1 million and up to
10 years' imprisonment for knowingly making a
certification that does not comply, and fines of up to $5
million and imprisonment of up to 20 years for willfully
certifying a report that does not comply. "Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
25
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 25
Fraud: The CPA's Responsibility
2. Prohibition Against Improper Influence on Audits
a. No director or officer may fraudulently influence or mislead
any independent public auditor for purpose of making the
financial statements materially misleading.
b. This rule is enforceable only by the SEC.
3. Forfeiture of Bonuses and Profits
a. If an issuer must restate financial statements because of
misconduct, the CEO and CFO must reimburse the issuer
for any bonus or incentive based compensation received
and turn over any profit made from the sale of the issuer's
securities during a one year period following the filing.
b. The SEC may exempt officers from this rule.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
26
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 26
Fraud: The CPA's Responsibility
4. Officer and Director Limitations
The SEC may prohibit any person from acting as an officer or
director of an issuer if the SEC finds such person unfit to serve.
5. Prohibition Against Insider Trades During Pension Blackout
Periods
a. Directors, officers and insiders may not purchase or sell the
issuer's securities during a blackout period if the securities
were acquired in connection with their services for the issuer.
b. A blackout period is one where employees were prohibited
from trading securities in an issuer sponsored retirement plan.
c. Any profits resulting from violations of this section are
recoverable by the issuer. Any shareholder can file suit to
recover the profit if the issuer fails to take action against the
officer or director.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
27
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 27
Fraud: The CPA's Responsibility
6. Section 1513 of Title 18 of the U.S. Code
Creates criminal liability for anyone who knowingly, with the
intent to retaliate, takes any harmful action against a person for
providing truthful information relating to the commission or
possible commission of any federal offense.
7. Section 1514A of Title 18 of the U.S. Code
Creates civil liability for companies that retaliate against
whistleblowers.
28
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 28
KEY POINT
This particular section on whistleblowers only applies to employees of publicly
traded companies. It makes it unlawful to fire, demote, suspend, threaten,
harass, or in any other manner discriminate against an employee for providing
information or aiding in an investigation of securities fraud. However, in order to
trigger these protections, the employee must report the suspected misconduct to
a federal regulatory or law enforcement agency; a member of Congress or a
committee of Congress; or a supervisor.
This protection provided to whistleblowers may be one of the strongest weapons
in the fight against fraud as The Report to the Nations on Occupational Fraud
and Abuse has consistently reported that tips are the single most effective
method for detecting fraud.1
Fraud: The CPA's Responsibility
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
29
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 29
Fraud: The CPA's Responsibility
8. Civil and Criminal Penalties for Noncompliance
a. Sarbanes-Oxley increases the jail term for existing crimes
such as mail fraud and wire fraud from five to twenty
years.
b. It makes it a crime to destroy documents and requires
auditors of public companies to keep work papers for at
least five years.
c. It authorizes the SEC to freeze questioned assets during
an investigation, and allows courts to order the
disgorgement of any bonuses received by a CEO or CFO
resulting from the company having to restate its financials
due to misconduct.
30
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 30
Fraud: The CPA's Responsibility
E. Independent Auditor: Sarbanes-Oxley Act
Auditors must timely report the following directly to the audit
committee:
1. All critical accounting policies and practices used.
2. Alternative GAAP methods that were discussed with
management, the ramifications of the use of those alternative
treatments, and the treatment preferred by the auditors.
3. Any other material written communications between the
auditors and management.
31
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 31
Fraud: The CPA's Responsibility
4. Independent Auditor: SAS 99 - Consideration of Fraud in a
Financial Statement Audit - a Result of Sarbanes-Oxley
The certified public accountant has the responsibility "to plan and
perform the audit to obtain reasonable assurance about whether the
financial statements are free of material misstatement, whether
caused by error or fraud."
a. Characteristics
Fraud risk can be evaluated by considering incentives,
pressures, opportunity, attitude and rationalization.
b. Consider How Fraud Is Committed
The engagement team is required to consider the various ways
the client could commit material fraud. The relevant factors are:
1) Nature of the business.
2) Management.
3) Internal controls.
4) Ethical values.
32
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 32
Fraud: The CPA's Responsibility
c. Assessing the risk of material fraud requires the following:
1) Auditors must interview management and other
appropriate personnel of the company to assess the
organization's risk of material misstatements due to
fraud.
2) When performing or planning analytical procedures,
consider unusual or unexpected relationships that
have been identified.
3) Consider whether fraud risk factors are present.
4) With respect to fraud risks and countermeasures,
make inquiry of those charged with audit governance.
5) Consider any other relevant information.
33
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 33
Fraud: The CPA's Responsibility
d. Identify risks that may result in misstatements due to fraud.
1) Assess the significance, likelihood, and pervasiveness
of the risk of fraud.
e. Assess the effect of the entity's programs and controls on
fraud risk.
1) Factors such as control mechanisms over
management override, as well as education,
prevention, and deterrence programs for employees
should all be considered.
34
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 34
Fraud: The CPA's Responsibility
F. Plan Testing Based Upon the Fraud Risk Assessment
Once the auditor has assessed the risk of material misstatement
due to fraud, he or she will determine the nature, extent, and
timing of the audit procedures.
G. Assess Audit Test Results
The auditor will evaluate the test results looking for such things as:
1. Discrepancies in accounting records.
2. Conflicting or missing audit evidence.
3. Problematic or unusual relationships between the client and
the auditor.
35
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 35
Fraud: The CPA's Responsibility
H. Communication with Those Charged with Audit Governance
1. The auditor must notify the client, even when the suspected
fraud is not material to the financial statements.
2. If the suspected fraud is material, or involves senior
management, the auditor must report the incident directly to
those charged with audit governance.
I. Required Audit Documentation
The auditor must document the various steps taken in assessing
the entity's risk of material misstatement due to fraud.
36
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 36
Fraud: The CPA's Responsibility
J. Risk Assessment Standards - SAS Nos. 104-111 issued
March 2006
Resulted in some significant conceptual and terminology changes
to GAAS. More notably, these standards:
1. Expand the definition of the term "reasonable assurance."
2. Require auditors to obtain a sufficient understanding of the
entity and its environment, including its internal control in order
to assess risk and design audit procedures.
3. Replace the term "sufficient competent evidential matter" with
the term "sufficient appropriate audit evidence."
4. Define the terms "audit evidence" and "relevant assertions."
37
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 37
Fraud: The CPA's Responsibility
5. Require consideration of risk at both the financial statement
level and the account balance, class of transactions or
disclosure level.
6. Revise the audit risk model to include just two components,
detection risk and risk of material misstatement (further broken
down into inherent and control risk).
7. Establish documentation requirements related to audit risk and
materiality.
8. Introduce the concept of overall audit strategy and how it
affects the development of the audit plan.
9. Define risk assessment procedures which are used to obtain
an understanding of the entity and its environment including its
internal control.
38
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 38
Fraud: The CPA's Responsibility
K. Public Companies Accounting Oversight Board (PCAOB)
further highlights the importance of risk assessment throughout
AS No. 5.
1. Materiality and risk are functions of the size and complexity of
the organization.
2. The risk assessment influences the selection of controls to test
and the evidence necessary for a given control. Some
examples of accounts and disclosures that should be risk-
assessed include:
a. Reserves and accruals.
b. Non-routine journal entries including significant calculations,
estimates or valuations.
c. Accounts receivable aging and valuations.
d. Returns and allowances.
e. Inventory adjustments.
39
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 39
Fraud: The CPA's Responsibility
3. AS No. 5 emphasizes a number of other key points/concepts.
a. Determination of Significant Accounts and
Disclosures and Relevant Assertions
The role of risk assessment is to determine which controls
would, in the event of failure, be likely to result in a
material error in the financial statements.
b. The Direct Relationship Between the Degree of Risk
that a Material Weakness Could Exist, and the Amount
of Audit Attention Required
PCAOB defines material weakness as "a deficiency or
combination of deficiencies in internal control over
financial reporting such that there is a reasonable
possibility that a material misstatement of the company's
annual or interim financial statements will not be prevented
or detected on a timely basis."
40
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 40
Fraud: The CPA's Responsibility
c. Reasonable Possibility of Material Misstatement
Reasonable possibility is a key component of the definition
of a material weakness.
d. Material Misstatement
Materiality defines the threshold for testing.
41
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 41
Fraud: The CPA's Responsibility
L. Audit Risk
1. What Is Audit Risk?
Audit risk is the risk that the auditor may unknowingly fail to
modify appropriately the opinion on financial statements that
are materially misstated.
a. Audit risk arises because the auditor obtains only
reasonable (and not absolute) assurance about whether
the financial statements are free of material
misstatement.
b. Audit risk should be reduced to a low level before an
opinion on the financial statements is expressed.
42
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 42
Fraud: The CPA's Responsibility
2. The Audit Risk Model
a. Audit risk is comprised of the risk that the financial
statements are materially misstated (risk of material
misstatement, or "RMM") and the risk that the auditor will
not detect such misstatements (detection risk, or "DR").
b. The components of audit risk may be assessed either
quantitatively (e.g., as a percentage), or non-quantitatively
(e.g., high, medium, low, etc.).
AR Audit Risk
(should be low)
=
RMM Risk of Material
Misstatement (assessed by auditor)
×
DR Detection Risk
(controlled by auditor)
43
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 43
Fraud: The CPA's Responsibility
c. Risk of Material Misstatement (RMM)
1) The auditor makes an assessment of the risk of
material misstatement by performing risk assessment
procedures and, where appropriate, tests of controls
(covered later).
2) The risk of material misstatement can be subdivided
into inherent risk ("IR") and control risk ("CR").
44
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 44
Fraud: The CPA's Responsibility
d. Inherent Risk ("IR")
Inherent risk is the susceptibility of a relevant assertion to
a material misstatement, assuming there are no related
controls.
1) Assertions involving complex calculations, amounts
derived from estimates, and cash have relatively
higher inherent risk than assertions without those
characteristics.
2) Other factors specific to the entity and its environment
may also tend to increase inherent risk, such as
technological developments that render a product
obsolete, a lack of working capital, or a decline in the
overall industry.
45
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 45
Fraud: The CPA's Responsibility
e. Control Risk ("CR")
Control risk is the risk that a material misstatement that
could occur in a relevant assertion will not be prevented or
detected on a timely basis by the entity's internal control.
1) Control risk is a function of the effectiveness of the
design and operation of internal control.
2) Some amount of control risk will always exist due to
inherent limitations of any system of internal control.
3) Inherent risk and control risk exist independently of
the audit, and the auditor generally cannot change
these risks.
46
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 46
Fraud: The CPA's Responsibility
KEY POINT
While the auditor generally cannot change the risk of material misstatement, the
auditor can change his or her assessment of the risk as the audit progresses.
If the auditor determines that the risk assessment is no longer low, then a
decision is needed regarding expanding the audit scope and procedures in
order to address this heightened risk of material misstatement.
47
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 47
Fraud: The CPA's Responsibility
f. Detection Risk ("DR")
Detection risk is the risk that the auditor will not detect a
misstatement that exists in a relevant assertion.
1) Detection risk is a function of the effectiveness of audit
procedures and of the manner in which they are
applied.
2) Some amount of detection risk will always exist
because the auditor does not examine 100% of an
account balance or transaction class, and because the
auditor may make mistakes in applying audit
procedures or in interpreting results.
3) Detection risk can be subdivided into tests of details
risk ("TD") and substantive analytical procedures risk
("AP").
4) The auditor can change detection risk.
48
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 48
Fraud: The CPA's Responsibility
M. Effect on the Audit
The auditor's overall judgment about the level of risk in an
engagement will affect the staffing, level of supervision, and scope
of the audit. While auditors use professional judgment to assess
each aspect of audit risk, they can change only the level of
detection risk. The auditor uses his or her assessment of the risk
of material misstatement as a basis for determining an appropriate
level of detection risk.
1. Inverse Relationship of RMM to DR
When the auditor determines that the risk of material
misstatement is high, detection risk should be set at a low
level. Conversely, when the risk of material misstatement is
low, the auditor can justify a higher detection risk.
49
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 49
Fraud: The CPA's Responsibility
2. The Auditor Can Change Detection Risk
The auditor can change the level of detection risk by varying
the nature, extent, and timing of audit procedures. For
example, as the acceptable level of detection risk decreases,
the assurance provided from substantive procedures should
increase. The auditor may:
a. Change the nature of substantive tests from a less
effective to a more effective procedure (e.g., direct test
toward independent parties outside the entity rather than
toward parties or documentation inside the entity).
b. Change the extent of substantive tests (e.g., use a larger
sample size).
50
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 50
Fraud: The CPA's Responsibility
c. Change the timing of substantive tests (e.g., perform
substantive tests at year-end rather than at interim).
Alternatively, if the acceptable level of detection risk
increases, the assurance that must be obtained from
substantive tests decreases, allowing for somewhat less
persuasive evidence to be used, for a reduced extent of
testing, or for more testing to be performed at interim.
3. Substantive Procedures Required
Note that even when the assessed risk of material
misstatement is low, substantive procedures will always be
necessary for all relevant assertions related to material
transaction classes, account balances, and disclosures.
51
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 51
Fraud: The CPA's Responsibility
N. Financial Statement Assertions
1. What are Financial Statements?
Financial statements are not statements of facts. They are
claims and assertions, made implicitly or explicitly by
management, about the recognition, measurement,
presentation, and disclosure of information in the financial
statements.
52
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 52
Fraud: The CPA's Responsibility
2. Categories of Assertions
Assertions used by the auditor fall into three categories:
a. Transactions and Events
1) Completeness. All transactions and events that
should have been recorded have been recorded.
2) (Proper period) Cutoff. Transactions and events have
been recorded in the correct (proper) accounting
period.
3) Accuracy. Amounts and other data relating to
recorded transactions and events have been recorded
appropriately.
4) Classification. Transactions and events have been
recorded in the proper accounts.
5) Occurrence. Transactions and events that have been
recorded have occurred and pertain to entity.
53
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 53
Fraud: The CPA's Responsibility
b. Account Balances
1) Completeness. All assets, liabilities, and equity
interests that should have been recorded have been
recorded.
2) Allocation and Valuation. Assets, liabilities, and equity
interests are included in the financial statements at
appropriate amounts, and any resulting valuation or
allocation adjustments are appropriately recorded.
3) Rights and obligations. The entity holds or controls
the rights to assets, and liabilities are the obligations
of the entity.
4) Existence. Assets, liabilities, and equity interests
exist.
54
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 54
Fraud: The CPA's Responsibility
c. Presentation and Disclosure
1) Completeness. All disclosures that should have been
included in the financial statements have been
included.
2) Understandability and Classification. Financial
information is appropriately presented and described
and disclosures are clearly expressed.
3) Rights and Obligations, and Occurrence. Disclosed
events and transactions have occurred and pertain to
the entity.
4) Valuation and Accuracy. Financial and other
information are disclosed fairly and at appropriate
amounts.
55
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 55
Fraud: The CPA's Responsibility
KEY POINT
The following mnemonic may be used to aid in your memorization of the
financial statement assertions:
CPA CO CARE CURV
Translation: "A CPA CO CAREs about CURVed assertions.“
56
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 56
Fraud: The CPA's Responsibility
3. Independent Auditor: Private Securities Litigation Reform Act
The Private Securities Litigation Reform Act (PSLRA), passed in 1995,
requires additional responsibilities for independent auditors of public
companies. It provides that the audit of the financial statements of a
public company must include the following:
a. Procedures designed to provide reasonable assurance of
detecting illegal acts that would have a direct and material effect
on the determination of financial statement amounts.
b. Procedures designed to identify related party transactions that
are material to the financial statements or otherwise require
disclosure.
c. An evaluation of whether there is substantial doubt about the
ability of the issuer to continue as a going concern during the next
fiscal year.
KEY POINT
The term illegal act is defined to mean any act or omission "that violates any law, rule, or
regulation having the force of law."
57
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 57
Fraud: The CPA's Responsibility
4. Auditor Steps if an Illegal Act Is Detected
a. Determining that an illegal act has occurred:
1) Address the possible effect of the illegal act on the
financial statements.
2) Notify the appropriate level of management
immediately, and verify that the audit committee is
adequately informed.
b. Auditor must determine whether (regarding company
management):
1) Senior management taken "timely and appropriate
remedial actions."
2) The failure to take corrective action "reasonably
expected, warrants departure from a standard report
of the auditor, or resignation from the audit
engagement?"
58
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 58
Fraud: The Issues
Fraud: The CPA's Responsibility
Profile of Employees Who Commit Fraud
Employee Fraud
Prevention of Financial Statement Fraud
Resources
59
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 59
Profile of Employees Who Commit Fraud
III. Profile of Employees Who Commit Fraud
KEY POINT
One of the earliest studies on why employees commit fraud was conducted by
Dr. Donald R. Cressey in 1953. His research method was to conduct extensive
interviews with about 200 inmates at Midwest prisons who had been
incarcerated for embezzlement. His ultimate theory became known as the
'Fraud Triangle,' and is the basis for the employee motives highlighted in these
next slides.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
60
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 60
Profile of Employees Who Commit Fraud
A. Three Elements of Fraud
The accepted reason for why "good people" commit fraud is the
following:
1. Pressures/Incentives.
2. Perceived Opportunity.
3. Rationalizations/Attitudes.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
61
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 61
Profile of Employees Who Commit Fraud
B. Pressures/Incentives
Pressure is caused by a financial need. The financial problem can
be personal or professional.
1. Cressey's research emphasized that the financial need is
perceived as 'non-sharable.'
a. The failure to share their problem with someone with a
more objective outlook who might have offered an
alternate solution may have contributed to the fraud.
2. Financial problems and their root in "status."
a. All involve some sort of embarrassment, shame, or
disgrace.
b. They threaten the violator's status as a person who is
respected by others.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
62
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 62
Profile of Employees Who Commit Fraud
3. Cressey divided "non-sharable" problems into six basic
subtypes:
a. Unable to pay debts.
b. Personal failure such as drug addiction or poor personal
judgment.
c. Business reversals and possibly a business failing.
d. Sense of isolation.
e. Desire to maintain status level beyond their financial
means.
f. Disgruntled employee seeking to 'get even' with
employer.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
63
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 63
Profile of Employees Who Commit Fraud
C. Opportunity
1. "Perceived" opportunity creates the means by which the fraud
can be committed.
2. The violator not only has to be able to steal assets, they need
to be able to do so and believe that they will not be caught or
the fraud itself will not be detected.
KEY POINT
This component of the Fraud Triangle identifies why internal controls are
important in fighting employee fraud. When companies establish strong internal
controls and actively communicates their intention to look out for fraud, it
removes this leg of the triangle and possibly prevents employees from stealing
from the company.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
64
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 64
Profile of Employees Who Commit Fraud
D. Rationalizations/Attitudes
The majority of violators are first-time offenders with no criminal
past. They do not consider themselves as criminals or thieves.
1. Common Rationalizations
a. They were only borrowing the asset.
b. They were entitled to the asset.
c. They had to steal to provide for their family.
d. They are underpaid/employer had cheated them.
e. Their employer is dishonest to others and deserved it.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
65
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 65
Profile of Employees Who Commit Fraud
E. The Fraud Model Does Not Always Apply
1. It does not apply to the "predatory employee" – the violator
who takes a job with the sole intent of stealing from the
company.
2. Frauds are not isolated events; they typically start as small
thefts or misstatements and they eventually increase in size
and frequency.
a. Once an employee is successful in their fraud scheme, the
elements of the Fraud Triangle, (Need, Opportunity, and
Rationalization), diminish in importance.
b. The fraud will typically continue and escalate even after
the initial 'problem' is resolved.
c. As the violator repeats the fraud, it becomes easier to
rationalize until no justification is required.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
66
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 66
Profile of Employees Who Commit Fraud
F. The Fraud Elements Lesson
1. When all three factors are present it is more likely that fraud
may occur.
2. When one of the three elements is missing, fraud is much less
likely to occur.
3. Status (not greed) is the single most typical motivator for
occupational fraud.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
67
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 67
Profile of Employees Who Commit Fraud
G. The Fraud (Elements) Consideration
1. The Opportunity
The threat of punishment is a non-factor with a violator
because they never expect to get caught.
2. The Rationalization
They do not view their actions as conduct that is or should be
punishable.
3. The Pressures/Incentives
a. The biggest threat to them is that their fraud will be
uncovered.
b. Detection will result in shame.
c. Any punishment that follows is only a secondary
consideration.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
68
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 68
Profile of Employees Who Commit Fraud
H. Deterrence Program Elements
An effective deterrence program will directly target the three
elements of fraud. To be effective, the company should:
1. Identify and reduce pressures that might push employees into
committing fraud and/or illegal acts.
2. Identify and reduce perceived opportunities to commit fraud.
3. Educate and communicate in order to dispel rationalizations for
committing fraud.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
69
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 69
KEY POINT
The Cressey research is responsible for much of the accepted theory about
employee fraud, but this research is over 50 years old. Also, the data were
gathered from interviews of 200 convicted embezzlers. A more recent study
was published in 1983 by Hollinger-Clark based on interviews with 9000+
American workers. The researchers concluded that workplace conditions and
the resultant job dissatisfaction is the primary cause of employee theft.4
Profile of Employees Who Commit Fraud
4"The Small Business Fraud Prevention Manual." ACFE. 2010. http://www.acfe.com/documents/small-business-fraud-2010-toc.pdf.
70
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 70
Profile of Employees Who Commit Fraud
KEY POINT
Two professional accounting bodies have focused their energies on continuing fraud
research in order to shed light on this issue and, hopefully, assist accountants in
understanding this issue and recognizing risks that may lead to fraudulent practices.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a
joint initiative of the five private sector accounting organizations: the American Accounting
Association, the AICPA, Financial Executives International, the Association for
Accountants and Financial Professionals in Business, and the Institute of Internal Auditors.
COSO defines its mission as one intended to provide "thought leadership through the
development of frameworks and guidance on enterprise risk management, internal control
and fraud deterrence." COSO sponsored several long term studies of fraud.
Their data are compiled from analysis of alleged fraudulent financial reporting by SEC
registrants. They have conducted long-term studies spanning 10-year intervals first in
1987 – 1997. Their most recent report reviewed SEC data from January 1998 through
December 2007 and was issued in 2010. The COSO report involved 347 companies
allegedly involved in fraud based on analysis of 1,335 SEC Accounting and Auditing
Enforcement Releases.2
2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of
Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.
71
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 71
Profile of Employees Who Commit Fraud
KEY POINT
The Association of Certified Fraud Examiners (ACFE) first completed a report,
Report to the Nations on Occupational Fraud and Abuse in 1996, and has
issued updates biennially since 2002. The most recent study, their sixth report
issued under this title, was released in 2010.
The ACFE reports derive their data from instances of occupational fraud
reported by the certified fraud examiners who investigated the cases. The 2010
report is derived from 1843 cases. The 2010 report also, for the first time,
includes cases from both U.S. and non-U.S. companies.
It is the research findings from these two groups that provide an updated look at
instances of employee fraud, and a profile of the perpetrators.
The two research studies point to similar patterns about the perpetrators of
fraud. The following table highlights their findings about alleged motivations and
red flags for spotting potential perpetrators.1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
72
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 72
Profile of Employees Who Commit Fraud
RESEARCH METHODS COMPARED
COSO Report ACFE Report
Data Source SEC Accounting and Auditing
Enforcement Releases (AAER)
Survey distributed to 22,927
CFEs
Data Included 347 companies described in 1335
AAERs
1843 cases; 'only' 1021 cases
reported in the U.S.
Time Period January 1998 – December 2007
Completed investigations
between January 2008 and
preparation of survey report
Criteria for
Inclusion
Focused on instances of alleged
fraudulent financial reporting by
SEC registrants
Case had to include internal
fraud by individual against their
employer
Study Objective
Examine key company and
management characteristics, and
compare these to non-fraud
companies
Assist professionals who seek to
"deter, detect, prevent or simply
understand the global economic
impact of occupational fraud."
73
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 73
Profile of Employees Who Commit Fraud
Research Findings on Fraud Motivations/'Red Flags'
COSO Report ACFE Report to the Nations
Alleged Motivation for Fraud:
• To meet external analysts earnings
expectations
• To meet internally set financial targets
• To conceal company's deteriorating
financial condition
• To bolster financial position for upcoming
financing
• To increase management compensation
for bonuses and stock appreciation
• To cover up assets misappropriated for
personal gain
Behavioral Red Flags of Perpetrators:
• Living beyond means
• Financial difficulties
• Control issues; unwilling to share duties
• Unusually close relationship with
vendors/customers
• Wheeler-dealer attitude
• Divorce or other family problems
• Irritability, suspiciousness, or defensiveness
• Addiction problems
• Refusal to take vacations
74
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 74
Profile of Employees Who Commit Fraud
I. COSO Profile of Employee Fraud Perpetrator
The COSO study captured the names and positions of all
individuals named in the AAER for each alleged instance of
fraudulent financial reporting. The highest managerial title for the
employee was used to tabulate the individuals involved.
1. Employment position identified.
a. CEO and/or CFO: 89%
b. CEO: 72%
c. CFO: 65% (up from 43% in 1999 study)
d. Other VPs: 38%
e. Controller: 34% (up from 21% in 1999 study)
2. Duration of fraud scheme: the average fraud scheme extended
31.4 months.
a. The 1999 reported the average duration at 23.7 months.2
2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of
Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.
75
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 75
Profile of Employees Who Commit Fraud
J. ACFE Report Profile of Perpetrators
The ACFE report identifies perpetrators in several broad
categories. The various components of their profile are provided
below as a percentage of reported fraud cases:
1. Position of Perpetrator – Frequency
a. Employee: 42.1%
b. Manager: 41.0%
c. Owner/Executive: 16.9%
2. Gender
a. Male: 66.7%
b. Female: 33.3%1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
76
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 76
Profile of Employees Who Commit Fraud
3. Age in Ranges
a. 36 to 40: 19.3%
b. 41 to 45: 19.3%
c. 31 to 35: 16.1%
d. 46 to 50: 13.7%
e. 26 to 30: 9.6%
f. 51 to 55: 9.4%
4. Tenure of Perpetrator
a. 1 to 5 years: 45.7%
b. More than 10 years: 25.4%
c. 6 to 10 years: 23.2%1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
77
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 77
Profile of Employees Who Commit Fraud
5. Education of Perpetrator
a. College degree: 38% (up from 34.4% in 2008 study)
b. High School Graduate: 28.8%
c. Some College: 17.1%
d. Post-graduate Degree: 14% (up from 10.9% in 2008)
6. Number of Cases by Department Employing Perpetrator
a. Accounting: 367 (22%)
b. Operations: 299 (18%)
c. Sales: 225 (13.5%)
d. Executive/Upper Management: 224 (13.5%)
7. Average duration of fraud scheme: 18 months1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
78
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 78
Profile of Employees Who Commit Fraud
KEY POINT
The ACFE reports from both 2008 and 2010 indicate that fraud perpetrators
were most often first-time offenders. Just over 85% of those identified as the
perpetrators of fraud in the current studies had never been charged or convicted
of fraud in any prior employment. This would indicate that criminal background
checks may have a limited impact on preventing fraud.
The data on who is committing fraud indicate that the most likely perpetrator is
male, college-educated, in his late 30's/early 40's, has been with the company
for less than 5 years, and works in the accounting department as a manager.
Depending on whether you rely on the COSO study or the ACFE report, the
perpetrator has been defrauding their employer either 18 months or closer to
3 years.
While the COSO and the ACFE report provide new clues to who is committing
fraud in today's companies, they also highlight a disturbing trend: increasingly,
accountants are involved in these fraud schemes.1 1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
79
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 79
Fraud: The Issues
Fraud: The CPA's Responsibility
Profile of Employees Who Commit Fraud
Employee Fraud
Prevention of Financial Statement Fraud
Resources
80
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 80
Employee Fraud
IV. Employee Fraud
A. Categories per ACFE Report
1. Corruption was identified as the primary fraud scheme in
32.8% of reported cases. It is defined as using employee
influence for own benefit.
a. Conflicts of Interest – purchasing or sales schemes.
b. Bribery – invoice kickbacks or bid rigging.
c. Illegal Gratuities.
2. Asset Misappropriation was defined as deliberate misuse or
stealing of company resources by the employee. This was the
most frequent type of fraud reported and represented 86.3% of
cases in the 2010 ACFE study.1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
81
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 81
Employee Fraud
a. This is a broad category covering both cash and non-cash
assets.
b. It includes traditional schemes of larceny, skimming,
misuse of business assets for personal use, and fraudulent
disbursements.
3. Fraudulent statements per the ACFE report included both
financial misrepresentations and non-financial statements. In
the 2010 ACFE report, the instance of financial statement
fraud was 4.8%, down from 10.3% in their 2008 report.
a. Financial statement fraud most typically involved
asset/revenue overstatement rather than understatement
of these accounts.
b. Non-financial statement fraud involved employment
credentials, internal documents, and internal documents.1 1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
82
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 82
Employee Fraud
KEY POINT
Of the three types of employee fraud identified in the ACFE report, this course
will focus on Financial Statement Fraud.
While this type of fraud occurs least often, it is the most costly. The ACFE 2010
report pegged the median cost of financial statement fraud at $1.7 million, down
from $2.0 million in their 2008 report. The COSO study, however, indicated a
mean of $25 million in their 2010 report. The COSO study did recognize that the
infamous frauds of the early 2000's could have skewed this average, but
concluded that the magnitude of the fraud problem has increased in this early
part of the 21st century compared to what occurred in the prior decade of the last
century.1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
83
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 83
Employee Fraud
B. Financial Statement Fraud Defined
Financial statement fraud is the deliberate misrepresentation of the
financial condition of an enterprise accomplished through the
intentional misstatement or omission of amounts or disclosures in
the financial statements to deceive financial statement users.
Financial statement fraud occurs least frequently, but its dollar cost
is highest.
1. Typical Method
Financial statement fraud will involve:
a. Overstating assets, revenues, and profits.
b. Understating liabilities, expenses, and losses.
2. Atypical Method
The overall objective of the misrepresentation may
occasionally require the opposite action (e.g., concealing over-
budget results in a good year in order to have "cushions" for
the next year that is expected to be more competitive).
84
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 84
Employee Fraud
C. The Impact of Financial Statement Fraud
1. Financial statement fraud may have a devastating effect on the
reputation and the financial condition of the company and
employees.
a. The COSO study found that companies engaged in fraud
often filed bankruptcy, experienced significant asset sales,
or were delisted from stock exchanges.
2. The stock market valuation impact of the financial statement
fraud may result in the company's stock value falling
dramatically overnight, possibly losing millions of dollars for
shareholders.
a. Initial news of the alleged fraud was followed by an
average stock price decline of 16.7% in two days.
b. News of SEC investigation resulted in stock declines of
7.3%.
85
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 85
Employee Fraud
D. The CPA: Impact of Financial Statement Fraud
Potential consequences include:
1. The shame of being escorted into court by police, in view of
family and friends.
2. Being sentenced to prison.
3. A felony conviction.
4. Newspaper and television coverage seen by friends, family
and neighbors.
5. Loss of personal income.
6. Loss of CPA license.
7. Large legal fees.
8. Expulsion from the AICPA and state societies of CPAs.
9. Being a social outcast.
86
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 86
Employee Fraud
E. The Financial Statement Fraud Culprits
There are two main groups who commit financial statement fraud.
1. Mid- and lower-level employees.
2. Senior management.
F. Most Common Motives Cited by SEC for Committing Financial
Statement Fraud
1. To meet internal or external earnings projections.
2. To conceal company's deteriorating financial condition.
3. To increase stock price.
4. To bolster financial performance for pending financing.
5. To increase management compensation when compensation
is tied to company performance.
6. To cover up assets misappropriated for personal use.
87
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 87
Employee Fraud
G. Methods of Financial Statement Fraud
Perpetrators may use a variety of techniques to misstate financial
statements, but the most common involve improper revenue
recognition, overstatement of assets, and understating
expenses/liabilities.
1. Improper Revenue Recognition was identified in 61% of 347
fraud companies included in 2010 COSO study. A breakdown
within this category follows:
a. Recorded fictitious revenues: 48%.
b. Recording revenues prematurely: 35%.
c. Other: 2%.2
2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of
Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.
88
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 88
Employee Fraud
2. Overstatement of assets occurred in 51% of the SEC fraud
cases.
a. Overstated existing assets or capitalized expenses: 46%.
b. Recording fictitious assets or assets not owned: 11%.
3. Understatement of expenses/liabilities: 31%.
4. Misappropriation of assets: 14%.2
KEY POINT
These percentages cited for the methods used in both the gross categories and
the sub-groupings will not total to 100% as they reflect the incidence of multiple
fraud techniques used by the fraud perpetrators.
2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of
Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.
89
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 89
Employee Fraud
EXAMPLE
Techniques for Misstating Revenues
Sham Sales
Companies often falsified inventory records, shipping
records, or invoices; sometimes recording sales shipped
to another location of same company.
Conditional Sales Recorded revenues even though transaction contained
unresolved contingencies.
Recording Loans as
Sales ('Roundtripping')
Providing funds to customers to purchase goods or
recording loan proceeds as revenues.
Bill and Hold
Transactions
Improperly recording as sales bill and hold transactions
that did not meet criteria for revenue recognition.
Premature Revenue
Recording
Recording sales after order was completed but before
the goods were shipped to the customer.
90
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 90
Employee Fraud
EXAMPLE (continued)
Techniques for Misstating Revenues
Improper Sales Cut-off
Accounting records were held open beyond Balance
Sheet date to record sales of subsequent accounting
period in the current period.
Improper Use of
Percentage of Completion
The estimated percentage of completion was
accelerated to enhance revenues.
Unauthorized Shipments
Either goods were shipped to customers that the
customer never ordered; or defective goods were
shipped and revenues were recorded at full price
instead of discounted prices.
Consignment Sales Revenues were recorded for consignment shipments
or for goods shipped to customers on a trial basis.
91
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 91
Employee Fraud
H. Financial Statement Fraud: Groupings of Techniques Used
The previous table highlights various schemes used to misstate
revenues. These and other fraud schemes can be categorized into
three major groupings. Each scheme presents its own challenge to
the auditor reviewing the financial statements.
1. Accounting System: Tricks
The violator uses the accounting system to generate the
results they want. For example:
a. Manipulating the calculation of expenses such as
depreciation, bad debt or cost of goods sold.
b. Recording invoices in the wrong period.
c. Recording sales early to accelerate income.
d. Recording real transactions in the accounting system, but
intentionally misstating the dollar amounts.
92
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 92
Employee Fraud
2. Accounting System: Lies
The violator submits false and fictitious data and transactions
into the accounting system to manipulate results in a manner
greater than can be achieved by simply "tricking" the
accounting system. Examples:
a. Fictitious sales recorded to real or fake customers.
b. Inventory and receivables amounts created, with
documents later being forged to support the "lies."
c. Journal entries hidden or miscoded in an attempt to
conceal the fraud.
d. Transactions concealed through use of intercompany
accounts.
e. Transactions in the system have no basis in fact or are
improperly recorded.
93
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 93
Employee Fraud
3. Accounting System: Beyond the System
The violator produces whatever financial statements they
desire by using a personal computer.
4. Auditing Tips
a. To catch this type of fraud, trace the financial statements
back to the trial balance and related general ledger from
the accounting system.
1) There should be no documentary trail to support these
fraudulent transactions or balances reported in the
financial statements unless the fraudsters prepare
forged or altered documents to help support their
fraud.
94
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 94
Employee Fraud
KEY POINT
In December 1999, the Securities and Exchange Commission issued Staff
Accounting Bulletin No. 101, Revenue Recognition in Financial Statements
(SAB 101), which gives additional guidance on revenue recognition to cease
some inappropriate practices that had been noted. SAB 101 indicates that
revenue generally is realized or realizable and earned when all of the following
criteria are met:
Persuasive evidence of an arrangement exists.
Delivery has occurred or services have been rendered.
The seller's price to the buyer is fixed or determinable.
Collectability is reasonably assured.
95
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 95
Employee Fraud
KEY POINT
In order to satisfy the provision for persuasive evidence of an arrangement, the
documentation for the arrangement must contain all the final terms and conditions
between the parties and conform to customary business practices.
Incorporation by reference of other signed agreements is acceptable. A signed
general purpose agreement followed by complying purchase orders is acceptable.
Bifurcation of one contract into two contracts may create issues.
All terms and conditions of the arrangement must be finalized.
All the documentation must be signed by both parties prior to any revenue
recognition. Without the customer's signature – the agreement is not an enforceable
claim on the customer, even if the product has been delivered.
Without seller's signature, the agreement is only an offer by seller to license and/or
sell the product or service. The risks and rewards of ownership must pass from
seller to buyer. A consignment arrangement or demonstration product does not
qualify.
96
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 96
Employee Fraud
I. Financial Statement Fraud: Method Detail and Audit
Techniques and Tips
1. Some of the more common types of financial statement fraud
include:
a. Fictitious Revenues.
b. Timing Differences.
c. Improper Asset Valuations.
d. Concealed Liabilities and Expenses.
e. Improper Disclosures.
2. Expanded discussions of each of these items follows with tips
for spotting their use.
97
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 97
Employee Fraud
3. Fictitious Revenues
Fictitious sales typically involve fake or non-existent
customers. However, it could involve actual customers.
a. Indirect Methods: Fictitious Sales
These methods do not attempt to overstate gross sales,
instead, they understate those accounts which reduce
gross sales to arrive at net sales. For example,
understating discounts, returns and allowances will
artificially overstate net sales. There are two basic
methods:
1) Failure to record mark down discounts on
merchandise when the sale is made.
2) Failure to record returns as a reduction from gross
sales.
98
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 98
Employee Fraud
b. Warning Signs, indicating the possibility of fictitious
revenues
1) Excessive growth or unusually high profitability, when
compared to other companies in the same industry.
2) Repeatedly reporting negative cash flows from operations
while reporting earnings and earnings growth.
3) Large transactions with related parties or special purpose
entities not in the ordinary course of business.
4) Significant, unusual, or highly complex transactions,
typically those close to period end that pose difficult
"substance over form" issues.
5) Unusual increase in the number of days sales in
receivables.
6) A large volume of sales to companies whose ownership
is not known.
99
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 99
Employee Fraud
4. Timing Differences
Financial statement fraud often involves timing differences,
such as the recording of revenue and/or expenses in improper
periods. This is done to move revenues or expenses from one
period to the next, thereby increasing or decreasing earnings.
a. Premature Revenue Recognition
Revenue should be recognized when the four criteria set
out in Staff Accounting Bulletin No. 101 have been
satisfied:
1) Persuasive evidence of an arrangement exists.
2) Delivery has occurred or services have been
rendered.
3) The seller's price to the buyer is fixed or determinable.
4) Collectability is reasonably assured.
100
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 100
Employee Fraud
b. Long-term Contracts
Managers can "play with" the percentage of completion
and the estimated costs to complete a construction project,
hence, the company will recognize revenues prematurely
and cover-up contract cost overruns.
c. Channel Stuffing/Trade Loading
The sale of an unusually large volume of a product to
customers who are encouraged to over-purchase through
the use of large discounts or extended financing terms.
d. Postponing the proper recording of expenses
The timely recording of expenses is often violated due to
excessive pressures to meet goals and budget projections.
101
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 101
Employee Fraud
KEY POINT
The negative consequence is that by "robbing" from the next period's sales, it is
more difficult to achieve sales goals in the following period, leading to
increasingly aggressive levels of channel stuffing and ultimately a restatement.
Issues include unrecorded side agreements that grant a right of return,
effectively making the sales into consignment sales. Greater risk of returns for
certain products occur if they cannot be sold before their shelf life expires.
102
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 102
Employee Fraud
e. Warning Signs of Possible Timing Difference Fraud
1) Excessive growth or unusual high profitability, when
compared to other companies in the same industry.
2) Repeated reporting negative cash flows from
operations while reporting earnings.
3) Significant, unusual, or highly complex transaction,
especially near the end of the period end that pose
difficult "substance over form" questions.
4) Unusual spikes in gross margin or margin in excess of
industry standards.
5) Unusual increase in the number of days sales in
receivables.
6) Unusual decrease in the number of days purchases in
accounts payable.
103
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 103
Employee Fraud
5. Improper Asset Valuation
Applying the "lower of cost or market value" rule, where an
asset's cost exceeds its current market value (example:
obsolete technology), it must be written down to lower market
value.
KEY POINT
It is often necessary to use estimates in accounting. For example, estimates are
used in determining the residual value and the useful life of a depreciable asset,
the uncollectible portion of accounts receivable or the excess or obsolete portion
of inventory. Whenever estimates are used, there is an additional opportunity
for fraud by manipulating those estimates.
104
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 104
Employee Fraud
a. Inventory Valuation
Inventory must be valued at cost except when the cost is
higher than the current market value, inventory should be
written down to its current value which is lower.
1) Method of Manipulation
a) Physical inventory counts can be manipulated.
b) Unit costs used to price out inventory can be
manipulated.
c) Failure to reduce inventory for costs of goods
sold.
d) Programmed fraudulent computer reports that
incorrectly added up values.
105
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 105
Employee Fraud
e) A co-conspirator represents they are to be holding
inventory for the company.
f) "Bill and hold" items that have been recorded as
sales are included in the physical inventory count.
g) Goods held by the company on consignment.
h) Pallets of inventory with empty centers.
i) Moving inventory overnight between locations
being observed by auditors.
j) Insert phony count sheets or changing quantities
on the sheets during the inventory.
106
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 106
Employee Fraud
b. Accounts Receivable
The two most common fraud methods involving accounts
receivable are fictitious receivables and failure to write off
accounts receivable as bad debts.
1) Fictitious Accounts Receivable
The entry for a fictitious accounts receivable is to debit
accounts receivable credit sale. These schemes occur
most often at the end of the accounting period, because
accounts receivable should be paid in cash within a
reasonable time after period end.
DR: Accounts Rec. $XXX
CR: Sales $XXX
107
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 107
Employee Fraud
a) Auditor Issue: Confirmation
Fictitious accounts receivable might be concealed
by providing false confirmation of balances to
auditors. The mailing address provided for a fake
customer might be a mailbox under violator’s
control, a home address, or the business address
of a co-conspirator. Such fraud schemes can be
detected by reviewing business credit reports,
public records, or even the telephone book, to
identify significant customers.
b) Auditor Issue: Misuse of the "Allowance for
Doubtful Accounts"
Companies in need of more profits and income
will omit the recognition of such losses because of
the negative impact on the income statement.
108
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 108
Employee Fraud
c. Business Consolidations
Violators may attempt to misappropriate the purchase price.
Violators may create excessive reserves for various expenses
at the time of acquisition, planning to utilize those "cookie jars"
as sources of earnings at a future date.
d. Fixed Assets
Fixed assets can be fictitiously created by a variety of
schemes. They are subject to misstatement through many
different fraudulent methods:
1) Recording Fictitious Assets
The false reporting of assets affects the asset balance on
a business balance sheet. The most common fictitious
asset schemes are:
a) Creating fictitious documents.
b) Equipment is leased, not owned, and the asset is
capitalized.
109
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 109
Employee Fraud
2) Fixed Asset Valuation Issues
Fixed assets should be reported at cost (NBV).
Financial statement frauds have involved the
recording of fixed assets at the higher market values
instead of the lower acquisition costs, or at even
higher inflated values with fake valuations as
documentation.
3) Fixed Asset Understatement (to secure capital
expenditure approval)
Funding may be based on asset amounts. An
understatement can be done directly or through
improper depreciation.
110
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 110
Employee Fraud
4) Capitalization Policy Violations
Interest and finance charges incurred in the purchase
should be excluded from the cost of a purchased
asset.
5) Misclassifying Assets
Due to budget requirements, among other reasons,
assets are misclassified into general ledger accounts
which are improper. The manipulation affects
financial ratios and conceals non-compliance with loan
covenants or other borrowing requirements.
111
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 111
Employee Fraud
6) Warning Signs
a) Recurring negative cash flows from operations
while reporting earnings and earnings growth.
b) Significant declines in customer demand and
increasing business failures in either the industry
or overall economy.
c) Assets, liabilities, revenues, or expenses based
on significant estimates that involve subjective
judgments or uncertainties that are difficult to
corroborate.
d) Nonfinancial management's excessive
participation in or preoccupation with the selection
of accounting principles or the determination of
significant estimates.
112
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 112
Employee Fraud
e) Unusual spike in gross margin or margin in
excess of industry standards.
f) Unusual increase in the number of days sales in
receivables.
g) Unusual increase in the number of days
purchased in inventory.
h) Allowances for bad debts, excess and obsolete
inventory, that are decreasing in percentage
terms or are out of line with industry standards.
i) Unusual change in the ratios between fixed assets
and depreciation.
j) Adding to assets while the industry is reducing
capital expenditures.
113
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 113
Employee Fraud
6. Understating Liabilities and Expenses
Pre-tax income will increase when an expense or liability is not
recorded. This is less difficult to commit than falsifying sales
transactions. Missing transactions are harder for auditors to
detect than improperly recorded ones because there is no
audit trail.
a. Liability/Expense Omissions
Under this method of understating liabilities/expenses, the
violator fails to record them.
1) Debit memos can be created for chargebacks to
vendors, for claim permitted rebates, or allowances, or
simply to create additional income.
114
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 114
Employee Fraud
KEY POINT
Because they are easy to conceal, understated liabilities are often the most
difficult to uncover. A detailed review of all post-financial-statement-date
transactions can aid in the discovery of omitted liabilities. Furthermore, the
auditor should carefully review the client's files, a physical search may uncover
concealed invoices and un-posted liabilities.
Wrong-doers often plan to make up for their omitted liabilities with expectations
of other income sources such as profits from future price increases.
115
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 115
Employee Fraud
Financial Statements
Trial Balance
General Ledger
Subsidiary Ledger
Books of Original Entry
Source of Documents
Execution of Event
Transaction Approved
V O U C H Testing for Existence
Testing for Support
T R A C E Testing for Completeness
Testing for Coverage
race
ouch
116
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 116
Employee Fraud
b. Capitalized Expenses
Capitalizing expenses will result in an increase to income
and assets since capitalized items are depreciated over a
period of years rather than expensed in the current period.
1) Capital expenditures may be expensed
The privately owned business may want to minimize
its net income due to tax issues, or to increase
earnings in future periods.
117
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 117
Employee Fraud
c. Returns and Allowances and Warranties
A certain percentage of products sold will be returned.
With warranty liability fraud, the liability is either omitted or
substantially understated.
d. Warning Signs of Possible Liability & Expense Fraud
1) Recurring negative cash flows from operations or an
inability to generate cash flows from operations while
reporting earnings and earnings growth.
2) Assets, liabilities, revenues, or expenses based on
significant estimates that involve subjective judgments
or uncertainties that are difficult to corroborate.
118
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 118
Employee Fraud
3) Non-financial management's excessive participation in
or preoccupation with the selection of accounting
principles or the determination of significant estimates.
4) Unusual spike in gross margin or margin in excess of
industry standards.
5) Allowances for sales returns, warranty claims that are
decreasing in percentage terms or are out of line with
industry standards.
6) Unusual decrease in the number of days purchases in
accounts payable.
7) Reducing accounts payable reduction while the
industry is delaying payments to vendors.
119
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 119
Employee Fraud
7. Improper Disclosures
Improper disclosures associated with financial statement fraud
will typically involve the following: Liability Omissions,
Subsequent Events, Management Fraud, Related-Party
Transactions, and Accounting Changes.
a. Liability Omissions
Omissions include the failure to disclose loan covenants or
contingent liabilities. These agreements usually contain
various types of covenants including certain financial ratio
limits and restrictions.
b. Subsequent Events
Violators will fail to disclose court judgments and
regulatory decisions that adversely effect the reported
values of assets, that indicate unrecorded liabilities, or that
negatively reflect upon management.
120
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 120
Employee Fraud
c. Management Fraud
Management has the responsibility to disclose to the
shareholders significant fraud committed by officers,
executives, and others in positions of trust. Failure to
disclose such information from auditors would involve lying
to auditors, an illegal act in itself.
d. Related-Party Transactions
There is nothing inherently wrong with related-party
transactions. However, they must be fully disclosed.
121
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 121
Employee Fraud
e. Accounting Changes
Violators will fail to restate financial statements or disclose the
cumulative effect of a change in accounting principle made,
simply to improve earnings. They will fail to disclose
significant changes in estimates such as:
1) Depreciable assets' useful lives and estimated salvage
values.
2) Estimates of warranty.
3) Change in the reporting entity.
f. Warning Signs of Possible Disclosure Fraud
1) Domination of management by a single person or small
group (in a non-owner-managed business) without
compensating controls.
2) Ineffective board of directors or audit committee oversight
over the financial reporting process and internal control.
122
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 122
Employee Fraud
3) Ineffective communication, implementation, support,
or enforcement of the entity's values or ethical
standards by management or the communication of
inappropriate values or ethical standards.
4) Rapid growth or unusual profitability, especially
compared to that of other companies in the same
industry.
5) Significant, unusual, or highly complex transactions,
especially those close to period end that pose difficult
"substance over form" questions.
6) Significant related-party transactions not in the
ordinary course of business or with related entities not
audited or audited by another firm.
123
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 123
Employee Fraud
7) Significant bank accounts or subsidiary or branch
operations in tax-haven jurisdictions for which there
appears to be no clear business justification.
8) Overtly complex organizational structure involving
unusual legal entities or managerial lines of authority.
9) Known history of violations of securities laws or other
laws and regulations, or claims against the entity, its
senior management, or board members alleging fraud
or violations of laws and regulations.
10) Recurring attempts by management to justify marginal
or inappropriate accounting on the basis of materiality.
11) Formal or informal restrictions on the auditor that
inappropriately limit access to people or information or
the ability to communicate effectively with the board of
directors or audit committee.
124
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 124
Employee Fraud
J. Case example, where delivery has occurred or services have been
rendered. Let's consider the sale of a product that can be provided
a number of ways—software.
1. Physical Delivery
Occurs upon the transfer of a disk or tape containing the
software, accompanied by documentation, to a customer (not
to an intermediary site or a fulfillment house.)
a. "F.O.B. Shipping Point" or "F.O.B. Destination" needs to
be specified in the contract.
b. Example: software shipped on September 30 – F.O.B.
Destination.
c. Does the customer have software testing and acceptance
rights?
125
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 125
Employee Fraud
2. Electronic Delivery
Occurs when the customer takes possession of the software
via a download or is provided with access to the software via a
code ("key").
a. Examples: Software buyouts, network-wide base generic
software pools, list of GA features.
3. Multiple copies of the same software
An obligation to deliver additional software copies, physically or
electronically, does not impact revenue recognition.
4. Software Duplication
Considered incidental to meeting the delivery criteria.
a. Revenue can be recognized upon physical or electronic
delivery of the first copy.
b. Should accrue the cost of duplicating the software.
126
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 126
Employee Fraud
5. Multiple Licenses of the Same Software
The price in the contract is on a per-license basis and the
value of the contract is a function of the number of licenses
purchased by the customer.
a. Revenue is recognized when each separately-licensed
software copy is delivered.
6. If there is an undelivered element (hardware or software) that
is essential to the functionality of the delivered software
element, delivery has not occurred for purposes of revenue
recognition.
7. Terms and Conditions Presumed Substantive
a. Acceptance.
b. Installation or other services.
127
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 127
Employee Fraud
8. Substantial Completion
a. Only inconsequential or perfunctory actions.
b. Failure to complete would not result in a refund or
rejection of delivered products/services.
c. No undelivered elements essential to functionality.
9. Multiple Element Arrangement (MEA)
A contract to provide more than one software product (the
"element"), software product and services, or software product
with customer support (PCS).
a. Software arrangements with one element.
1) Recognize revenue when all the revenue recognition
criteria discussed previously have been met.
128
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 128
Employee Fraud
b. Software arrangements with multiple elements.
1) Must allocate the contract price to each element based on
vendor-specific objective evidence (VSOE) of fair value.
2) Recognize the allocated revenue when all the revenue
recognition criteria have been met, on an element-by-
element basis.
10. Allocation of Contract Price to Multiple Elements
a. VSOE is limited to either of the following:
1) The price charged when the element is sold separately to
other customers must be supportable by invoices and
auditable.
2) If the software is not yet sold separately, VSOE is the price
established by management having the requisite authority.
b. Separately stated prices in the contract does not meet the VSOE
requirement.
c. List prices do not meet the VSOE requirement.
129
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 129
Employee Fraud
11. Vendor-specific Objective Evidence of Fair Value
a. If VSOE does exist for all the elements, or:
1) All the elements are delivered (exceptions are PCS
and unspecified additional software products).
2) VSOE does exist for all the undelivered elements
(SOP 98-9: Residential Method).
b. VSOE criteria was intentionally made very narrow, past
"front-loading" abuses within the software industry.
1) Future deliverables cause valuation issues.
2) Invoice price (that will not change).
130
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 130
Employee Fraud
12. The seller's price to the buyer is fixed or determinable.
a. Price is stated, not subject to change, and payable in
accordance with normal terms.
b. Any extended payment terms in a software arrangement
may indicate that the price is not fixed or determinable.
1) Normal payment terms are net 30 days.
2) Need to determine the reason – does that reason
jeopardize revenue recognition?
c. If payment extends for more than twelve months after
delivery, the entire price should be presumed not to be
fixed or determinable.
131
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 131
Employee Fraud
d. If payments are a function of the number of units copies or
the expected number of users, the price is not fixed or
determinable at the outset of the arrangement.
1) Rationale: the longer the payment terms, the greater
the risk of price concessions due to the technological
obsolescence of the delivered software or the
introduction of new and improved software.
e. Revenue Recognition
If it is determined that the contract price is not fixed or
determinable, revenue is recognized as non-refundable,
contractual payments become due.
132
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 132
Employee Fraud
13. Collectability Is Not Reasonably Assured
a. Customer financing arrangements need to be reviewed
closely.
1) Credit issue or competitive issue.
b. A past practice of providing concessions to the customer is
difficult to overcome.
1) History of concessions (to possibly encourage
payment).
2) Concession is defined broadly.
c. Customer acceptance clauses need to be evaluated in
detail.
1) Linking payment terms to acceptance may create
uncertainty about collectability upon delivery of the
software.
133
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 133
Employee Fraud
d. Returns must be reasonably estimable.
e. Collection is contingent upon some future events, e.g.,
resale of the product, receipt of additional funding, or
litigation.
f. The customer does not have the ability to pay, e.g., it is
financially troubled, it has purchased far more than it can
afford, or it is a shell company with minimal assets.
134
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 134
Fraud: The Issues
Fraud: The CPA's Responsibility
Profile of Employees Who Commit Fraud
Employee Fraud
Prevention of Financial Statement Fraud
Resources
135
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 135
Prevention of Financial Statement Fraud
V. Prevention of Financial Statement Fraud
KEY POINT
Both the COSO report and the ACFE study point to executive and upper
management personnel as the primary perpetrators of financial statement
frauds. Individuals with high level management positions can use their authority
to override most internal controls, so those controls can be of limited value in
preventing financial statement fraud.
Most approaches to reducing financial statement fraud fall back on the Cressey
study and its Fraud Triangle theory. The focus is therefore placed on reducing
pressures, reducing the opportunity, and reducing rationalization. Some specific
recommendations for each of these strategies follow.3
3"The Small Business Fraud Prevention Manual." ACFE. 2008. http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
136
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 136
Prevention of Financial Statement Fraud
A. Reduce Pressures
1. Directors and officers should "set the tone."
2. Avoid setting unreasonable financial targets.
3. Avoid applying excessive pressure on employees to achieve
goals.
4. Adjust goals when market conditions change.
5. Establish fair compensation systems.
6. Discourage excessive external expectations of future corporate
performance.
7. Remove operational obstacles blocking effective performance..
137
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 137
Prevention of Financial Statement Fraud
B. Reduce the Opportunity
1. Maintain strong internal controls.
2. Monitor the business transactions and interpersonal
relationships of suppliers, buyers, purchasing agents, sales
representatives, and others.
3. Establish a physical security system to secure company
assets.
4. Maintain segregation of duties.
5. Human resources should have accurate personnel records
including background checks on new employees.
6. Establish strong supervision within groups to enforce
accounting procedures.
7. Establish clear and uniform accounting procedures with no
exception clauses.
138
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 138
Prevention of Financial Statement Fraud
C. Reduce Rationalization
1. Promote good values and integrity within the organization.
2. Clearly define prohibited behavior with respect to accounting
and financial statement fraud.
3. Provide regular training to all employees.
4. Establish confidential reporting systems to communicate
problems.
5. Senior executives must communicate to employees that
integrity is a priority.
6. Management practices and sets an example by promoting
honesty in the accounting area.
7. The consequences of violating the rules and the punishment of
violators should be communicated clearly.
139
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 139
Prevention of Financial Statement Fraud
KEY POINT
Beyond these strategies, the ACFE report does provide some dollar-specific
ranking of the effectiveness of implementing anti-fraud controls. The following
table shows the top 10 most effective anti-fraud controls. It is interesting to note
how cost-effective some techniques are, even when infrequently used, for
example, surprise audits were used in only 28.9% of the cases reported, but
resulted in a 51.5% reduction in loss due to fraud. Job rotation proved very cost
effective as well. This policy was in place in only 14.6% of the cases reported,
but still resulted in nearly a 50% reduction in losses.1
1"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010. http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
140
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 140
Prevention of Financial Statement Fraud
Median Loss Based on Presence of Anti-Fraud Controls
Control
% of Cases
Implemented
Control
in Place Control Absent % Reduction
Hotline 48.6% $100,000 $245,000 59.2%
Employee Support
Programs 44.8% $100,000 $244,000 59.0%
Surprise Audits 28.9% $ 97,000 $200,000 51.5%
Fraud Training for
Employees 39.6% $100,000 $200,000 50.0%
Fraud Training for
Mgt/Exec 41.5% $100,000 $200,000 50.0%
Job Rotation/
Mandatory Vacation 14.6% $100,000 $188,000 46.8%
Code-of-Conduct 69.9% $140,000 $262,000 46.6%
Anti-Fraud Policy 39.0% $140,000 $200,000 40.0%
Management Review 53.3% $120,000 $200,000 40.0%
External Audit of
ICOFR 59.3% $140,000 $215,000 34.9%
141
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 141
Prevention of Financial Statement Fraud
KEY POINT
The 2010 COSO report included little in the way of significant differences
between firms that engaged in financial statement fraud and the 'no-fraud' firms.
The only major distinction that the committee noted was that fraud firms
engaged in significantly more related party transactions. Also, the rate of auditor
changes for fraud firms was double the rate for a similar set of no-fraud firms:
26% versus 12%.
In light of seemingly inconclusive results, the COSO researchers recommend
continued study to help to "strengthen the prevention, deterrence, and detection
of fraudulent financial reporting".2
2"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-2007 – An Analysis of U.S. Public Companies (2010)." The website of the Committee of
Sponsoring Organizations of the Treadway Commission. http://www.coso.org/FraudReport.htm.
142
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 142
Fraud: The Issues
Fraud: The CPA's Responsibility
Profile of Employees Who Commit Fraud
Employee Fraud
Prevention of Financial Statement Fraud
Resources
143
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 143
Resources
"Report to the Nations on Occupational Fraud and Abuse." ACFE. 2010.
http://www.acfe.com/rttn/2010-rttn.asp. Accessed July 2011.
"Guidance on Fraudulent Financial Reporting: Fraudulent Financial Reporting: 1998-
2007 – An Analysis of U.S. Public Companies (2010)." The website of the
Committee of Sponsoring Organizations of the Treadway Commission.
http://www.coso.org/FraudReport.htm. Accessed July 2011.
"Sarbanes-Oxley Act of 2002." http://www.gpo.gov/fdsys/pkg/PLAW-
107publ204/pdf/PLAW-107publ204.pdf. Accessed July 2011.
"The Small Business Fraud Prevention Manual." ACFE. 2008.
http://www.acfe.com/documents/small-business-fraud-2008-excerpt.pdf.
Accessed July 2011.
"The Small Business Fraud Prevention Manual." ACFE. 2010.
http://www.acfe.com/documents/small-business-fraud-2010-toc.pdf. Accessed
July 2011.
"Home page." The website of the Committee of Sponsoring Organizations of the
Treadway Commission. http://www.coso.org/. Accessed July 2011.
144
© 2011 DeVry/Becker Educational Development Corp. All rights reserved. 144
Thank You!