Forensic Accounting - Louisiana State University

Document Sample
Forensic Accounting - Louisiana State University Powered By Docstoc
					          Forensic Accounting: Strategies for
            Detecting & Controlling Fraud
           D. Larry Crumbley, CPA, CFF, Cr.FA, CFFA, FCPA
                      KPMG Endowed Professor
                      Department of Accounting
                      Louisiana State University
                       Baton Rouge, LA 70803
                         225-578-6201 Fax

Dr. Crumbley is the
  Editor of the Journal of Forensic Accounting: Auditing,
Fraud, and Risk,
  Former chair of the Executive Board of Accounting
Advisors of the American Board of Forensic Accountants,
  Member of the NACVA’s Fraud Deterrence Board, and
  On the AICPA’s Fraud Task Force (2003-2004).
A frequent contributor to the Forensic Examiner and
Value Examiner, Professor Crumbley is a co-author of
CCH Master Auditing Guide, along with more than 50
other books and 350 articles. His latest book entitled
Forensic and Investigative Accounting is published by
Commerce Clearing House (800-224-7477). Some of his
12 educational novels have as the main character a
forensic accountant. His goal is to create a television
series based upon the exciting life of a forensic
accountant and litigation consultant.

Forensic Report


“External auditors come down the hill
after the battle and bayonet the
wounded. Forensic accountants are the
guys and girls who follow behind them,
going through the soldiers’ pockets
looking for money.”
                    Puff Adder

“What the use of finger prints was to the 19th century and DNA
analysis was to the 20th, forensic accounting will be to the 21st

      - Gordon Brown, Chancellor of the Exchequer, 10 October 2006.

                Glimpse Forward
  Overview of Forensic Accounting
 Panel of Auditing Effectiveness
 Persuasiveness/ Costs of Fraud/ Abuse
 Some Fraud Surveys
 Fraud Multiplier
 COSO’s Model
 Risk Assessment
 Misappropriation of Assets/ Cooking the Books
 Detection, Investigation, and Deterrence
 Types of Misappropriations
 Earnings Management
 Seven Investigative Techniques
 Five Magic Ratios
 Using Technology
 Best Fraud Auditing Techniques
Now John at the bar is a friend of mine.
He gets me my drinks for free.
Sing us a song, you’re the piano man.
                                                       “Piano Man”Billy Joel

       Some Fraud Figures
  Australia’s annual fraud, 2003, $5.8 billion
or 1.147% of GDP.
 Malaysia’s telecom operators lose 3% of
revenue to fraud each year.
 A KPMG Malaysian survey found that more
than a third of the polled companies lost over
RM 1 million from fraud in 2 years.
 Fraud and abuse in U.S. is about $1 trillion
 The quantity of corruption crimes has
continued to rise in China after the market
liberalizations in 1978 (because so much
more money involved).
 An employee at the Australian mint stole
$100,145 over ten months by hiding bills and
coins in his lunch box and boots. He carried
away on an average 150 coins in each boot
every day.

         Fannie Mae Forensic Probe

   BOD hired investigators who cleared the
    current management of Fannie Mae of
    knowingly participating in any
   The report took 17 months; 616 pages
    plus 2,000 plus pages of supporting
   Cost of $60 million to $70 million.
   The fraud was estimated to be $11
   Former N.H. Senator Warren Rudman
    used The Huron Consulting Group.

                        E&Y Counts Macca Fortune
Big Four firm hired in high-profile divorce of former Beatle Sir Paul McCartney and
ex-wife Heather Mills

Penny Sukhraj, Accountancy Age, 18 Mar 2008

Sir Paul McCartney instructed Ernst & Young to value his business assets as part of his divorce
proceedings, it has emerged.

The Big Four firm put a value of £400m on his fortune, a figure accepted by the court over
valuations carried out by ex-wife Heather Mills' accountants.

E&Y director, Alan Wallis performed the valuation which showed the Beatle's business interests as
at 11 June 2002 and 28 April 2006 at £242,900,000 and £240,900,000 respectively.

Mills claimed for £125m following her short four-year marriage but a judge awarded her only £24.3
million from the star's wealth.

According to court papers, Wallis valued McCartney's property holdings at £33,979,000, with
£15,159,000 in bank accounts in the UK and USA. His investments were valued at £34,319,000. He
was owed a total of £3,687,000. He held £6000 in cash. Paintings which he had painted, works of
art, musical instruments, jewellery, furniture, house contents, motor vehicles and horses were valued
professionally at £32,269,000.

He disclosed tax liabilities of £9,615,000. He put in as the value of his business interests Mr Wallis’
valuation of £240,920,000. His pension assets were valued at £36,288,000. Accordingly he
disclosed total net assets of £387,012,000. He disclosed his total net income for the next 12 months
at £5,357,000.

Mills' forensic accountants Lee and Allen made a preliminary report of the her former husband's
business interests and also requested further information so that they could check, comment on,
differ from, or agree with Ernst and Young’s valuations.

But a senior district judge disallowed several of the requests.

In addition, the court rejected the opinion on multiples used in valuations by Lee and Allen.

Mr Justice Bennett said: 'Having listened to both accountants giving evidence I unhesitatingly
accept that of Mr Wallis. I am grateful to Mr Allen for his assistance but on this issue Mr Wallis is
in a different league of expertise to Mr Allen. Mr Wallis told me he has 25 years experience in
musical and media work. In stark contrast Mr Allen, a forensic accountant mainly concerned with
claims for damages and with share valuations, candidly admitted that he had never valued a
catalogue. '
Read the McCartney-Mills judgment in full here

    Definition of Forensic Auditor

Someone who can look behind the
facade--not accept the records at
their face value--someone who has
a suspicious mind that the
documents he or she is looking at
may not be what they purport to be
and someone who has the
expertise to go out and conduct
very detailed interviews of
individuals to develop the truth,
especially if some are presumed to
be lying.
  Robert G. Roche, a retired chief of the IRS Criminal Investigation
Division of the IRS

    Narrow vs. Broad Definition

 Narrow: Fraud detection is major

 Broad: Employed to seek, interpret,
and communicate transactional and
reporting event evidence in an
objective, legally sustainable fashion,
not only in situations where there are
specific allegations of wrongdoing, but
also in situations where interested
parties judge that the risk of loss from
wrongdoing is such that proper
prudence requires legally sustainable
evidence to support the conclusion that
no wrongdoing is occurring (James

             Narrow Approach


       Internal and
     Auditing                                        Accounting
                                                     Litigation Matters
     Risk Assessment
                                                     and Investigations
     Internal controls
      Audit Evidence

                         Prevention and Deterrence

U.S. Dept. of Justice, Education and Training in Fraud
and Forensic Accounting: A Guide for Educational
Institutions, Stakeholder Organizations, Faculty and
Students, Draft Copy, December 23, 2005.
             Broad Approach

“I liken it to ‘CSI’ or ‘Law & Order,’ but instead of
figuring out the trajectory of a bullet, you’re trying to
find out how a transaction occurred.”
          Terry McCarthy
Definition of Forensic Accounting
   Forensic accounting is the application of
   accounting, tax, auditing, finance,
   quantitative analysis, investigative and
   research skills, and an understanding of
   the legal process for the purpose of
   identifying, collecting, analyzing, and
   interpreting financial or other data or
   issues in connection with:
1) Litigation services: providing assistance for
   actual, pending or potential legal or
   regulatory proceedings before a trier of fact
   in connection with the resolution of disputes
   between parties, or
2) Non-litigation services: performing
   analyses or investigations that may require
   the same skills used in 1, above, but may not
   involve the litigation process.

   Definition of Forensic
Accounting Litigation Service
 Forensic accounting litigation
 services are the professional
 assistance accountants provide
 related to the litigation process.
 These services may involve
 accounting, financial, auditing, tax,
 quantitative      analysis,      and
 investigative and research skills, as
 well as an understanding of the
 legal process to provide assistance
 for actual, pending, or potential
 legal or regulatory proceedings
 before a trier of fact in connection
 with the resolution of a dispute
 between parties.                        14
   Definition of Forensic
 Accounting Non-Litigation
  Forensic accounting non-litigation
services are the professional assistance
accountants provide not related to the
litigation process. These services may
involve accounting, financial, auditing,
tax,     quantitative   analysis,    and
investigative and research skill as well
as an understanding of the legal process
to provide assistance in connection with
matter or issues not involving the
litigation process.

“You’re trying to piece together a puzzle where you
do not have the picture on the box to know what it’s
going to look like. The facts are not settled, and actually
it’s the facts that are in dispute.”
           Andrew Bernstein                                   15
                    Short History
1. Late 1800’s – Find fraud
2. 1930’s- Puff Adder –encyclopedia
3. 1933-1934-independent audits
4. 1950’s-Eighth edition Montgomery auditing reduced formal
   stress on fraud detection.
5. January 1957- H.W. Bevis, AR, questioned the benefit of
   discovering minor employee thefts.
6. 1960s-auditors claimed no responsibility.
7. Financial audits: Consistency.
8. Audit surveillance: test of details (disappeared).
9. Stock market bubble
10. Panel on Audit Effectiveness (2000)
11. Enron/ WorldCom/ Parmalat/ HealthSouth
12. Sarbanes-Oxley/ PCAOB
13. SAS No. 99
14. Global Capital Markets and the Global Economy: A Vision from
    the CEOs of the International Audit Networks, November 2006.
15. Managing the Business Risk of Fraud: A Practical Guide, IIA,
    AICPA, ACFE, 2008.

       Why Growth in Forensic Accounting

1.         Increase in fraud.
2.         Less loyalty to organization.
3.         Employee mobility.
4.         Change in societal values.
      a.     Break-up of family unit.
      b.     Less religious.
      c.     Less ethics.
5.         Computers replacing accounting
           functions. External accountants are
           looking for new jobs.
6.         Higher insurance premiums for
7.         Auditors became sales people.
8.         Grade inflation/coursework
9.         Enron/WorldCom/Xerox.
10.        SOX/ SAS No. 99.

                                                               Country rank                  Country          2007 CPI Score
                                                                    1.        Denmark                              9.4

Transparency International Corruption Perceptions Index 2007                  Finland                              9.4

                                                                              New Zealand                          9.4
                                                                    4.        Singapore                            9.3

                                                                              Sweden                               9.3

                                                                    6.        Iceland                              9.2

                                                                    7.        Netherlands                          9.0

                                                                              Switzerland                          9.0

                                                                    9.        Canada                               8.7

                                                                              Norway                               8.7
                                                                   11.        Australia                            8.6

                                                                   12.        Luxembourg                           8.4

                                                                              United Kingdom                       8.4

                                                                   14.        Hong Kong                            8.3

                                                                   15.        Austria                              8.1

                                                                   16.        Germany                              7.8

                                                                   17.        Ireland                              7.5

                                                                              Japan                                7.5

                                                                   19.        France                               7.3

                                                                   20.        USA                                  7.2

                                                                   162.       Bangladesh                           2.0

                                                                              Cambodia                             2.0

                                                                              Central African Republic             2.0

                                                                              Papua New Guinea                     2.0

                                                                              Turkmenistan                         2.0
                                                                              Venezuela                            2.0

                                                                   168.       Congo, Democratic Republic of        1.9

                                                                              Equatorial Guinea                    1.9

                                                                              Guinea                               1.9

                                                                              Laos                                 1.9

                                                                   172.       Afghanistan                          1.8

                                                                              Chad                                 1.8
                                                                              Sudan                                1.8

                                                                   175.       Tonga                                1.7

                                                                              Uzbekistan                           1.7
                                                                   177.       Haiti                                1.6

                                                                   178.       Iraq                                 1.5

                                                                   179.       Myanmar                              1.4

                                                                              Somalia                              1.4         18
          States Corruption Index

Most corrupt:         Least corrupt:

1.    Mississippi     1.    Nebraska
2.    North Dakota    2.    Oregon
3.    Louisiana       3.    New Hampshire
4.    Alaska          4.    Iowa
5.    Illinois        5.    Colorado
6.    Montana         6.    Utah
7.    South Dakota    7.    Minnesota
8.    Kentucky        8.    Arizona
9.    Florida         9.    Arkansas
10.   New York        10.   Wisconsin

    The Bubble Deception

 There are 14,000 publicly traded
companies in the United States.
Expecting all of them to be honest is
unrealistic. Like any town of 14,000,
the market is bound to have its share of
grafters and shoplifters.
By January 2001, all manner of
companies were abusing accounting
rules to mislead their investors,
seemingly without fear of being caught.
A strange madness had gripped the
market. Even its most solid citizens
were running red lights and breaking
windows. And the police were nowhere
in sight.

Alex Berenson, The Number, Random House, 2003, p. xxiii.

      Enriching Insiders

  I know that sounds crazy, but the stock market
has gone from a place where investors actually
own part of a company and have a say in their
management to a market designed to enrich
insiders by allowing them to sell shares they buy
cheaply through options.
 Companies continuously issue new shares to
their managers without asking their existing
shareholders. Those managers then leak that
stock to the market a little at a time. It’s
unlimited dilution of existing shareholders’
stakes, dilution by a thousand cuts. If that isn’t
a scam, I don’t know what is.
   Individual shareholders have nothing but the
chance to sell their shares to the next sucker . A
mutual fund buys one million shares of a
company with your and your coworkers’ money.
You own 1 percent of the company. Six weeks
later you own less, and that money went to
insiders, not to the company.

   Alex Berenson, The Number, Random House, 2003, p. xviii.

Forensic Accounting Factors

   Time: Forensic accounting focuses
    on the past, although it may do so
    in order to look forward (e.g.,
    damages, valuations).
 Purpose: Forensic accounting is
    performed for a specific legal forum
    or in anticipation of appearing
    before a legal forum.
 Peremptory: Forensic accountants
    may be employed in a wide variety
    of risk management engagements
    within business enterprises as a
    matter of right, without the
    necessity of allegations (e.g.,
            With a single clue a forensic
    accountant can solve a fraudulent
                  One Small Clue
A former Scotland Yard scientist tried to
create the world’s biggest fraud by
authenticating $2.5 trillion worth of fake U.S.
Treasury bonds.
When two men tried to pass off $25 million
worth of the bonds in Toronto in 2001, a
Mountie noticed the bonds bore the word
“dollar” rather “dollars.”
Police later raided a London bank vault and
discovered that the bonds had been printed
with an ink jet printer that had not been
invented when the bonds were allegedly
Zip codes were used even though they were
not introduced until 1963.
Sue Clough, “Bungling Scientist Is Jailed for Plotting World's Biggest
Fraud,”, January 11, 2003.

      Forensic Accounting Defined

        Forensic accounting is the action of
identifying, recording, settling, extracting,
sorting, reporting, and verifying past financial
data or other accounting activities for settling
current or prospective legal disputes or using
such past financial data for projecting future
financial data to settle legal disputes.
Source: Forensic and Investigative Accounting (CCH)
      When the death of a company
occurs under mysterious
circumstances, forensic accountants
are essential. Other accountants look
at the charts but forensic accountants
actually dig into the body.
           Douglas Carmichael

    Forensic Accounting Areas

Investigative Auditing
Litigation Support

Forensic: Latin for “forum,”
referring to a public place or court.

Black’s Law Dictionary: Forensic,
belonging to the courts of justice.

Note: Corporate spooks are used to check on

                            Forensic Auditing
       Forensic auditing is a type of auditing
that specifically looks for financial
misconduct, and abusive or wasteful activity.
       It is most commonly associated with
gathering evidence that will be presented in a
court of law as part of a financial crime or a
fraud investigation.

Source: B.L. Derby, “Data Mining for Improper Payments,” Journal of Government
Financial Management, Winter, 2003, pp. 10-13
“ Forget the stuffed white shirt, forensic
accountants are more parts Philip Marlowe
than Casper Milquetoast. They open the
books and crack the code, transforming a
dull science of numbers into a suspenseful
mystery with a logical, even riveting
                                                                  Cory Johnson

     Top Niche Services - 2008
1. Attestation Services            87%
2. Business Valuation              82%
3. Estate/Trust/Gift               82%
4. Forensic/Fraud                  75%
5. Litigation support              75%
6. International tax               72%
7. Bus. Mgt. for wealthy individuals 71%
8. Industry specializations        63%
14. Sarbanes-Oxley compliance      53%

Source: Accounting Today.

  Forensic Accounting vs. Fraud

Fraud Auditor: An accountant
especially skilled in auditing who is
generally engaged in auditing with a
view toward fraud discovery,
documentation, and prevention.
“Economic crimes and fraud often do
not involve obvious evidence like the
smoking gun. Forensic accountants
look behind the deals and
handshakes and probe beyond the
numbers to uncover the reality of
financial situations.”
Source: D.W. Squires, “Problems Solved with Forensic
Accounting: A Legal Perspective,” Journal of Forensic
Accounting., Vol. IV (2003),. p. 131.
    Forensic Accounting vs. Fraud
Forensic Accountant: A forensic
accountant may take on fraud auditing
engagements and may be a fraud
auditor, but he or she will also use
other accounting, consulting, and legal
skills in broader engagements. In
addition to accounting skills, he or she
will need a working knowledge of the
legal system and excellent
communication skills to carry out
expert testimony in the courtroom and
to aid in other litigation support
Crumbley, Heitger, Smith, Forensic and Investigative Accounting (CCH)

             AICPA’s Position
  Public accounting firms could use forensic
accountants to help revise their approach to planning
and fieldwork on all audits, while requiring forensic
accountants only on high risk audit clients to aid in the
interpretation of forensic testing results and preventive
control enhancements.

 Does not require auditors to carryout specific forensic
procedures, but rather provide guidance on how to
include forensic techniques within processes outlines in
SAS 99. This combination will enhance the detection and
prevention of fraudulent financial statement reporting
and misappropriation of assets; thus protect investors
and financial statement users.

 The inclusion of audit procedures focused towards
detecting misappropriation of corporate assets may lead
to the identification of weaknesses within corporate
governance or control weaknesses. Frauds that are
identified which represent a material misappropriation of
assets could significantly impact public perception.

      AICPA’s Position (cont.)
 Professional forensic accountants can best be
used by ensuring such procedures are properly
developed and executed in-line with internal audit
and audit committee concerns. Forensic accountants
could then be engaged in high-risk situations, or
when a fraud is suspected.
 Companies should not use the forensic services of
their outside audit firm, unless it pertains to the
annual audit.
 Putting a price on a substantive test or forensic
auditing procedure may be smart for business;
however, the inherent risk is that short-cuts geared
towards reducing audit costs may eventually cause
investors to question the companies’ true financial

    AICPA – Discussion Memo Question Responses

                     Big-Six's Position
   A forensic audit is akin to a police investigation.

 All public companies should have a forensic
audit on a regular basis. Companies would be
required to have such an audit every three or five
years or face these audits on a random basis.

 Forensic auditors scrutinize all records of
companies, including emails, and would be able, if
not required, to question all company employees,
and to require statements under oath.

 Might be necessary for an audit network or a
specialized forensic auditor to complete a forensic
audit with the aid of independent attorneys (not
these who have represented the audit client in the
other engagements).

Source: “Serving Global Markets and the Global Economy: A View from the CEOs of
the International Audit Networks, November 2006, p. 13.

           Catch Me If You Can
Numbers Don’t Lie.
Criminals are another story.

Money talks. But more often it whispers.
When shady characters are up to no good,
they often leave a trail of questionable
financial transactions. Use your skills
and smarts to trace the money trail back
to the crooks in the all-new version of
Catch Me If You Can. Now more
interactive and exciting than ever. You
could win up to $2,000 in cash or other
prizes. And have a lot fun doing it.

           Register to play at        33
                         Forensic vs. Fraud Audit

Google result, September 14, 2008:
               Forensic Audit, 78,700 hits
               Fraud Audit, 26,100 hits
               Fraud Examination, 58,900 hits
               Fraud Accounting, 25,400 hits
               Forensic Accounting, 1,200,000 hits
               Fraud Investigation, 497,000
               Forensic Investigation, 290,000
               Fraud Auditing, 27,100
I don’t care what they say, but [forensic
    accounting] is here to stay.
                                                                                Danny & the Juniors

I see skies of blue and clouds of white, and I
    think to myself, what a wonderful world.
                                                                                Louis Armstrong

Specialties Within Forensic
and Investigative Accounting

   Employee Crime Specialist.
   Asset Tracing Specialist.
   Litigation Services Specialist and
    Expert Witness.
   Insurance Claims.
   Valuation Analysis.
   False Claims Act Violations.
   Due diligence investigations.

                         Asset Tracing
 Three Italian lawyers said in a filing to be
   presented to a bankruptcy court that they had
   traced $7.7 billion in missing Parmalat funds.
“We are preparing a filing in which we are asking
   for the insolvency status to be revoked
   because the money was robbed and not lost,”
   lawyer Carlo Zauli told Reuters.
But he said it would be an illusion to believe
   proof of electronic transfers of the funds could
   be found and the lawyers representing the
   Parmalat Creditors Committee did not say
   where the money was being held or if it was
An Italian website, TGfin (, said a
   company linked to Parmalat founder Tanzi was
   holding the funds in the form of U.S. bonds in
   an account with Bank of America.
Source: Emilio Parodi and Stefano Bernabei, “Wrap-up 2: Paramalat Fraud Probe Widens
    to Auditors, Ex-Banker, “, January 8, 2004.

      Gross Profit Comparison

    In a divorce situation, a business
     owner claimed only about $75,000
     annual income.
    He claimed he had borrowed and not
     paid back huge sums.
    Wife said he was spending about
     $400,000 per year more than his
Four schedules for the courtroom:
1.   What was known and alleged about
     husband’s expenditures.
2.   Schedule comparing income with
3.   Amounts husband claimed he had

     Gross Profit Comparison (cont.)

4.    Company’s income statements side-
              New Gross Profit
      His               Per Industry
      ----              ------
      ----              ------
      $75,000           $475,000

     Husband had overstated COGS.
      Checks issued to vendors, into COGS.
     Some of the vendors cashed the
      checks and returned the money to

      Mark Kohn, “Unreported Income and Hidden Assets,”
      Forensic Accounting in Matrimonial Divorce,
      Philadelphia: R. T. Edwards, 2005, pp. 49-57.

      Unreported Beer Sales

   Business owner reports only $50,000
    business income, but has expensive cars,
    private schools, buying significant real estate.

   Subpoenaed records of local beer distributors.
    Then went to the club and ordered some
    drinks, noting the pricing of the beer, etc.
       1,000 cases of Miller’s
          24 bottles
      x $2
    $48,000 per year

   Found that reported sales were underreported
    by $500,000.

    Mark Kohn, “Unreported Income and Hidden Assets,”
    Forensic Accounting in Matrimonial Divorce, Philadelphia:
    R.T. Edwards, 2005, pp. 49-57.

        Home Improvements
   Massive improvements to personal home, not
    paid for by personal funds.

   Company showed many corporate payments
    to home remodeling contractors/landscapers.

   But the industrial park not owned by company.

   Only photocopies of invoices provided.

   FC demanded original documents.

   Finally, the original documents had white-outs
    of job locations and work descriptions.

   Could turn over the originals and read the real
    data from the back side.

Mark Kohn, “Unreported Income and Hidden Assets,” Forensic
   Accounting in Matrimonial Divorce, Philadelphia: R.T.
   Edwards, 2005, pp. 49-57.

       Finding Unreported
     Income/Hidden Assets

1.     Look at the lifestyles.
2.     Look at the expenses.
3.     Look at the cash flow.
4.     Look at the business
5.     Look at the industry ratios.
6.     Consider using private
7.     Use the net worth method.

Mark Kohn, “Unreported Income and Hidden Assets,” Forensic
       Accounting in Matrimonial Divorce, Philadelphia: R.T.
       Edwards, 2005, pp.49-57.

                      Fiction v. Reality

           The main difference between fiction and
     reality is that instead of using mask and gun,
     today’s villains use mouse and keyboard.
     Instead of hiding behind a lamppost in a trench
     coat and fedora, today’s forensic accountants
     are more likely to be hiding behind their own
     computers, searching for clues amid mountains
     of data.
       Source; “Book ‘EM! Forensic Accounting in History and
       Literature,” The Kessler Report, Vol.1, No. 2.

     “Every investigation I did as a prosecutor, you
     have a particular target, but it always branches
     off because something else gets your attention.
     And that’s what is going to happen with a
     forensic accountant.”
               Tom Carlucci:
               E-library Rueter Library September 20, 2002

         Forensic Techniques Become Popular

“In many of the large accounting blow-ups, auditors knew
what was happening,” says Charles Niemeir, “but they
were willing to look the other way.”

There is a need to provide “incentives for people finding
problems,” says Douglas Carmichael. “Right now there
are no incentives for finding problems, and one who does
is treated as a trouble maker.”

Source: Cassell Bryan Low, “Accounting Firms Attempts to
Dispel the Cloud of Fraud,” Wall Street J., May 27, 2003.

  Doug Carmichael, Chief Auditor for Peek-uh-boo,
   faults auditors for not adopting forensic
  Carmichael wishes more “test of details,” not
   relying on test of controls.
  He wishes more shoe-leather work.
  Shoe-leather work is what we do!

Kris Frieswick, “How Audits Must Change,” CFO July
2003, p.48

                  Popular (cont.)

   E&Y’s forensic accounting team is comprised of
    350 practitioners in the U.S. alone, and focuses
    on strategies to mitigate and manage conflict in
    bankruptcy disputes, financial and economic
    damages, fraud and investigations, government
    contracts and grants, insurance claims,
    intellectual assets, and legal technology.

   Deloitte’s forensic accounting expertise includes
    anti-money laundering, the Foreign Corrupt
    Practices Act, purchase price disputes,
    arbitrations, construction fraud, health care fraud,
    construction oversight, intellectual property theft,
    and misdirected royalty revenues, to name just a

    They have forensic labs in nine major cities across
    the U.S. and an additional 18 cities around the
    world, including Hong Kong, London, Amsterdam,
    Frankfurt, Cape Town and Melbourne.” All FAS
    labs meet the FBI’s chain of custody
    requirements. “They are secure, state-of-the-art,
    and house advanced systems for storing and
    accessing data, including dedicated servers and
    fire-resistant safes.

Stuart Kahan, “Sherlock Holmes Enters Accounting,” WebCPA,
    February 11, 2007.                                       44
This need for the forensic accountant is
demonstrated by this passage from The CBS

 Margaret Barbera was very good with
 numbers. She could take a balance
 sheet, a set of account books, invoices,
 bills, and more, juggle and manipulate
 the figures and, presto, thousands
 become millions, losses become profits,
 profits become losses, sales soared or
 fell, whatever her employer desired, and
 it would take an expert auditor knowing
 precisely where to look and what to look
 for to figure out what she’d done, and
 even then, it still might slip by.
 Professor Cramer was in front of the auditing class
 quoting a passage from The CBS Murders, by Richard
 Hammer. [p. 67 in Trap Doors].

      Forensic Accountants
“Rather than combing torn clothing,”
forensic accountants “comb through
corporate books, looking for oddities
that could signal swindles,” says
Bruce Dubinsky. Investigations can
be extremely complex, with crates
and crates of documents and
thousands of computer files.
Investigators look for flags or
patterns that would not normally

Source: Mark Maremont, “Tyco Is Likely to Report
New Woes,” Wall Street Journal, April 30, 2003, p.

   Deutsche Bank is being sued for $1.3 billion by
    Bruce Winston (one of the heirs of Harry Winston
    diamond dynasty) for priceless gems
    disappearing from a trust under their control.
   A Burlington, Kentucky city finance director is
    accused of embezzling more than $1.2 million to
    support his estranged wife and his girlfriend.
   Martin Frankel vanished with between $200
    million in cash and diamonds one day. He
    accomplished this insurance fraud by buying
    poorly capitalized insurance companies, cooking
    the books to show increased premium value, and
    by including non-existing real estate and leases
    on the balance sheet.
   Bank of China’s Mr. Wu allegedly embezzling up
    to $18 million from a bank branch, using
    improper bills of exchange. BoC has a number of
    cases involving the embezzlement of $737
    million from branches in the Southern
    Guangdong Province.
   A U.S. Lime officer embezzled nearly $2.2 million
    by forging signatures of other company officers
    on checks, and falsifying the company’s check
    register to create the impression that the
    amounts he received went to U.S. Lime creditors.

                Potpourri (contd …)

   The Chairman of Hyundai Motor, Chung Mong-
    Koo, was sentenced in February 2007, to 3
    years in prison for embezzlement ($100
    million) and breach of trust at South Korea’s
    largest carmaker.
   Spanish authorities shut down Afinsa’s Forum
    stamp-investing programs with several
    hundred thousand of small investors. Alleged
    investments in overvalued stamps and
    suspected pyramid scheme. Eight officials
   In 2000, Rent Way’s CAO artificially reduced
    the company’s expenses by $127 million.
   WorldCom’s external auditors missed about
    $11 billion improperly booked items.
   Ahold NV, a Dutch company, said a U.S. unit
    had overstated revenues by $880 million by
    booking more discounts from suppliers than
    actually received.
   One Philippine peso coin has the same size as
    1 dirham, but worth only 7 fils. Thus, dispense
    machine fraud.
    Careful With Property Tax Refund Checks

   Supervisor of the Real Property Tax
    Adjustment Unit in Washington, D.C.,
    Harriette Walters, used at least 92
    payments to dummy corporations in a scam
    to obtain $31.7 million.
   Fraud was never noticed by city officials,
    internal, or external auditors. Auditors
    never examined why the city’s property tax
    refunds were steadily rising.
   Sham companies’ bank accounts were
    controlled by Walters’ brother.
   Many applications for refund were identical
    to prior ones.
   In a FBI raid of her house, 100 pieces of
    jewelry, a mink coat, 90 designer purses,
    68 pairs of shoes, designer luggage, Rolex
    watch, silver bar cart, and more were
    found. She had a $1.4 million in bills at
    Neiman Marcus on a $81,000 yearly
    government salary.

A forensic accountant has extensive
experience in investigations to determine
solutions to disputed accounting matters,
to write expert reports on their
investigation, and to appear in court as
expert witnesses.
     Zeph Telpner and Michael Mostek

A normal accountant is like a guard-dog
(e.g., a bulldog); a forensic accountant is
like a bloodhound; an internal auditor is
like a seeing-and-eye dog (e.g., monitoring
and guiding management), a corporate
accountant is a mix breed, and a
governmental accountant is an afghan.
                D. Larry Crumbley

         Auditors Blamed: Deep Pockets

Trustee   for United Companies (UC) said that
Deloitte and Touche was guilty of negligence,
malpractice, misrepresentation, breach of duty,
and fraud.
D & T failed to warn United Companies of all of
the losses it would absorb if the people who took
out the loans defaulted, because the accounting
firm was making millions and millions of dollars in
Loan practice called securitization or bundled
high-interest loans.
$685 million in liability damages.
Plaintiff’s Attorney: Role of auditors is to act as
watchdogs for companies. “A good watchdog
barks when somebody comes into the yard. D & T
is supposed to bark when there is a problem.”
Defendant’s Attorney: “The problem was much
larger than a watchdog could handle. Can a
watchdog stop your house from getting hit by a
hurricane? Of course not.”
Source: Adrian Angelette, “Auditors Blamed, “Baton Rouge Advocate, October
23, 2003, pp. A-1 and a-8

              Auditors Blamed (cont.)

As  part of the securitization agreement,
UC agreed to pay the principal and interest
on defaulted loans.
Creditors contend that UC failed to
account for the interest it was paying, and
D&T should have caught the mistake
After UC wrote off $605 million in debt,
the company filed for bankruptcy.
 Confidential mid-court settlement.

Source: Adrian Angelette, “United Companies Settlement Reached,”
Baton Rouge Advocate, October 31, 2003, pp. A-1 and A-12

               Find It, or I’ll Sue
       Accountants must be attuned
to detecting fraud at every level of
service, including standard
accounting services, compilations,
reviews, and bank reconciliations. If
there is fraud and you don’t detect
it, you are going to be sued, and
you will likely lose, as the public
perception is the accountant is the
              Robert J. DiPasquale, Parsippany, N.J.

Source: H.W. Wolosky, “Forensic Accounting to the Forefront,”
Practical Accountant, February 2004, pp. 23-28.

Forensic Accounting Knowledge Base

      Silk, Silk, Silk               54
  Threads of Forensic
Forensic accounting (or at
least accounting expert
witnessing) can be traced as
far back as 1817 to a court
decision. [Meyer v. Sefton]
In 1824, a young accountant
by the name of James
McCleland started business in
Glasgow, Scotland and issued
a circular that advertised
various classes of expert
witness engagements he was
prepared to undertake.
In 1856 in England, the audit
of corporations became
Investigative Accountants
Initially called investigative
accounting, many of the forensic
techniques, such as the net worth
method, were developed by IRS
agents to detect tax evaders.
 Infamous mobster, Al Capone, was
caught when Special Agents of the
IRS stepped in and charged him
with tax evasion.
 Accountants caused the crime
czar’s career to come to an end.

                   Al Capone Caper
        “Perhaps the most celebrated case
of an accountant nailing a famous
criminal was the case of Al Capone. For all
of Capone’s colorful history of violent
crime, the FBI could never gather enough
evidence to convict him until FBI agent
Eliot Ness had an idea.
        He gathered special agents of the
IRS to track the flow of cash from
Capone’s illicit activities. When the
mobster failed to pay taxes on those
earnings, the IRS nailed him for tax
        Capone went to jail and was never
a factor again. IRS recruitment posters
boast till this day: ‘Only an accountant
could catch Al Capone.’”
Source: “Book ‘Em! Forensic Accounting History and Literature,” The Kessler
Report, Vol. 1, No. 2.

          Investigative Techniques
“You know how it goes,” I said. “You get a case.
You just keep poking around, see what scurries
out.” p. 144.
“How,” Susan said, “on earth are you going to
unravel all of that?”
“Same way you do therapy,” I said.
“Which is?”
“Find a thread, follow it where it leads, and keep
on doing it.”
“Sometimes it leads to another thread.”
“Often,” I said.
“And then you follow that thread.”
“Like a game,” Susan said.
“For both of us,” I said.
Susan nodded. “Yes,” she said, “tracking down of
a person or an idea or an evasion.”
pp. 270 – 271.
Source: R.B. Parker, Widow’s Walk, Berkley Books, 2002.
Father of Forensic Accounting:

    Maurice E. Peloubet (1946)

        Max Lourie (1953)

        Robert Lindquist (1986)*

 * Repeated, First sentence in N. Brennan and J.
   Hennessy, Forensic Accounting, 2001, p. 5.

    The Essence of Forensic Accounting by
          Maurice Peloubet (1946):

“The preparation of data for and the
appearance before government agencies
as a witness to facts, to accounting
principles, or to the application of
accounting principles is essentially forensic
accounting practice rather than advocacy.”
Modern Version
“Let’s face it, we in the forensic profession
labor in an obscure corner of the vineyard.
We are the carefully selected, trusted,
highly trained guardians of one of the last
great secrets remaining on the face of the
earth - - the $600 billion [now $652], more
or less annual problem nobody knows

Joseph W. Koletar, Fraud Exposed, John Wiley &
Sons, Inc 2003, p. 228.

Be like

                          Fictional Hero
         “Forensic accounting is turning up more
frequently in the world of fiction, too. The financial
intrigue of fraud and the investigative process of
forensic accounting are a natural fit with mystery
of suspense novels. Add exotic locations, colorful
characters and a murder or two, and you have all
the elements of a classic thriller.
         There is a selection of books featuring
forensic accountants as the heroes of their own
stories, as well. Lenny Cramer, perhaps the most
prominent of this fictional group, is the star of a
series of novels written by I.W. Collett and various
         In one of these novels, Cramer tracks
forged receipts to uncover a plot to steal Burmese
religion treasures. Another features Cramer, while
conducting an audit at Coca-Coca, uncovering a
scheme to steal the company’s secret formula. In
yet another, Cramer uses his forensic accounting
skills to solve a series of murders in the New York
art world.”
Source: “Book ‘em! Forensic Accounting in History and Literature,”The Kessler
 Report, Vol. 1, No. 2.

         Panel on Audit Effectiveness
   In 1998, the Public Oversight Board
    appointed the Panel on Audit Effectiveness
    to review and evaluate how independent
    audits of the financial statements of public
    companies are performed and to assess
    whether recent trends in audit practices
    serve the public interest.
   In 2000, the Panel issues a 200-page
    report, Report and Recommendations,
    which includes a recommendation that
    auditors should perform forensic-type
    procedures during every audit to enhance
    the prospects of detecting material
    financial statement fraud.
   Did not believe a GAAS audit should
    become a fraud audit.
   In all audits the degree of audit effort in
    forensic- type steps should be more than
    inconsequential [p. 24].

AICPA Fraud Task Force Report

In 2003, the AICPA’s Litigation and Dispute
Resolution Services Subcommittee issued
a report of its Fraud Task Force entitled,
“Incorporating Forensic Procedures in an
Audit Environment.”
The report covers the professional
standards that apply when forensic
procedures are employed in an audit and
explains the various means of gathering
evidence through the use of forensic
procedures and investigative techniques.

    Required Forensic Audits Coming?

   The accounting profession may be making a
    strategic shift as they see that SAS No. 99 and
    the other rules are not protecting them from
    being the insurer of last resort.

   The Big Four along with Grant Thornton and
    BDO International recently released a report
    entitled “Serving Global Capital Markets and
    the Global Economy.” November 2006.

   In the report, one of the things they are
    suggesting is for companies to have a forensic
    audit. Companies would be required to have
    such an audit every five years or face these
    audits on a random basis.

   Standing Advisory Group (PCAOB) was not
    enthusiastic about a mandatory forensic
    audit: not cost-effective or effective at all.
    February, 2007.

“Auditing Firms Urge New Ways to Detect Fraud,” News Staff.
    Posted on November 11, 2006.

     Fraud Strategies Differ

1.   Forensic Accountants
2.   Internal Auditors
3.   External Auditors
4.   Certified Fraud Examiners
5.   Certified Financial Forensic
     Analysts (CFFAs)
6.   Certified Forensic
     Accountant (CrFA)
7.   Forensic CPA Society (FCPA)
8.   Certified in Financial
     Forensics (CFF)

Opportunities for Forensic Accountants

    FAs may provide perspective in
    situations evaluating whether
    accounting information is presented
    fairly without GAAP – based

   Identification of financial issues.
   Knowledge of investigating techniques.
   Knowledge of evidence.
   Interpretation of financial information.
   Presentation of finding.
    Sources: G. Bologna and R. Lindquist, Fraud Auditing and Forensic
    Accounting, New York City: John Wiley, 1995. F. T. DeZoort and J. D. Stanley,
    “Fair Presentation in the SOX Era: An Assessment Framework and
    Opportunities for Forensic Accountants,” J of FA, Vol. 7, 2006, p. 289.

   The ACFE group indicates that in the
    private sector, a fraud investigation
    should not be conducted without
    proper predication.
   Examples: Anonymous tips,
    complaints, audit inquires, conflict of
   Thus, predication is the basis for
    undertaking a fraud investigation.
   Without predication, the target might
    be able to sue for real or imaginary

 Who Do You Call?

Detection v.

Proactive v.

  Three Classes of Controls
Preventive controls: These controls are first in line to
prevent errors, omissions, or security incidents from
occurring. Examples include controls that restrict access
to systems to authorized persons such as intrusion
prevention systems and firewalls, and integrity
constraints that are embedded within a Database
Management System. Most Efficient

Detective controls: These controls detect errors or
incidents that have eluded the preventative controls.
Examples include controls that test whether authorization
limits have been exceeded, or an analysis of activity in
previously dormant accounts. Important when preventive
controls weak. Examples include situations where the
transactions are derived from third party reports such as
sales reports from franchisees, warranty claims reported
by auto dealers, baggage claims reported by passengers
at airports, and reports of coupons or rebates redeemed
by redemption processors.

Corrective controls: These controls correct errors,
omissions, or incidents after detection. They vary from
simple correction of data-entry errors, to identifying and
removing unauthorized users from systems or networks.
Corrective controls are the actions taken to minimize
further losses.

Sources: IIA, 2005, Global Technology Audit Guide: IT Controls,
Altamonte Springs, Fl; M. J. Nigrini, “Monitoring Techniques
Available to the Forensic Accountants,” J. of Forensic
Accounting, Vol. 7, 2006, p. 322.

  Where Fraud Prevention and Security Meet

             Fraud Prevention               Security

      Compliance         Background Checks       Guards
      Data Mining for    Site Security Survey    Closed Circuit
      Fraud              Loss Prevention         TV
      Ethics Policy      Strategy                Swipe Cards
      Anonymous          Information Security    Locks
      Tip Line           Investigations          Fences
      Risk Assessment    Interviews              Badges
      Fraud Policy       Screening Tools for     Disaster
                         External Fraud          Recovery

Source: M.T. Biegelman and J. T. Bartow, Executive Roadmap to Fraud
    Prevention and Internal Controls, John Wiley, 2006, pp. 325-326.

    Balancing Risks and Controls

Excessive Risks

•   Loss of Assets
•   Poor Business Decisions
•   Noncompliance
•   Public Scandals
•   Increased Regulations

Excessive Controls

•    Increased Bureaucracy
•    Reduced Productivity
•    Increased Complexity
•    Increased Cycle Time
•    Increase of no-value activities

        Types of Controls
Preventive controls
• Segregation of duties
• Required approvals
• Securing assets
• Passwords
• Using document control numbers
• Drug testing
• Job rotation
• Computer backup
Detective controls
• Reconciliations
• Reviews
• Event notifications
• Surprise cash count
• Counting inventory

Corrective controls
• Training
• Process redesign
• Additional technology
• Quality circle teams
• Budget variance reports
James Bond – Type Security

The TIAA-CREF’s Charlotte building is covered with
green faux windows and comes with security
features such as a revolving door that weighs
visitors when you go in and out, cameras that track
them throughout the building and security badges
that won’t let them leave if they stay longer than

The James Bond technology protects a financial
service entity’s most precious commodity:
cartridges containing customer data. “These are
our crown jewels.” CTO Sue Kozik said.

The data center could be guarded better only if it
was buried underground.

Source: Rick Rothacker, “Charlotte Site Has Quickly
Become the Firm’s Largest,” Charlotte Observer,
December 28, 2006, p. 2D.

Industry Sources: Need a Certification

   American College of Forensic Examiners (2750 E.
    Sunshine, Springfield, MO 65804; 800-423-9737; DABFA and Cr.FA; 2000)
   Certified Fraud Examiners (Association of CFEs, The
    Gregor Bldg., 716 West Avenue Austin, TX 78701; 800-
   Certified in Financial Forensics (CFF), AICPA, Fall 2008,
   Forensic CPA Society (FCPA); formed in July 2005,
    Spokane, WA.
   Certified Forensic Financial Analyst (NACVA, Salt Lake
    City, Utah 84106; 801-486-0600). Also, Certified Fraud
    Deterrence (CFD) analyst. [CFFA and CFD have merged.]
   National Litigation Support Services Association (NLSSA,
    III East Wacker Drive, Suite 990, Chicago, IL 60601;
    800-869-0491). Not-for-profit. About 20 firms. $1,825.
   Canadian Institute of Chartered Accountants (CICA) –
    CA.IFA – Alliance for Excellence in Investigative
   Certified Forensic Investigator (CFI) – Canada Early
   Certified Fraud Specialist (CFS), not-for-profit,
    educational anti-fraud corporation located in
    Sacramento, Calif., for those dealing in white-collar
    crime, fraud, and abuse issues. Association of Certified
    Fraud Specialists.
  Some accountants believe that ethics is a place in

                     Essex, U.K.
A statement made by Mark Twain
  about New England weather applies
  to fraud and corruption:
“It’s hard to predict, but everyone
  agrees there’s plenty of it.”
As Sherlock Holmes said, “the game
  is afoot.”
Read My Lips; It’s The Fraud, Stupid.

      Termites, Rust, and Fraud

• Just as termites never sleep, fraud never
• Just like termites, fraud can destroy the
foundation of an entity.
Like rust, fraud never sleeps.

"It is simply impossible to eliminate economic crime. It's
like fighting the mythical Hydra, cutting off one form of
fraud merely allows another to grow. Controls alone are
not enough. The answer lies in establishing a culture that
supports control efforts and whistle-blowing with clear
ethical guidelines. Companies need to build loyalty to the
organisation give employees the confidence to do the
right thing, and identify clear sanctions for those who
commit fraud, regardless of their position in the
                             Steven Skalak
         Quality Staff An Issue
   Bruce Dubinsky emphasizes that although forensic
    accounting is currently on the “hot” list of client
    services, there are plenty of accountants getting
    involved who shouldn’t be, because they don’t
    understand the ins and outs of the niche. “The only
    limit to our size is finding competent professionals.”
    He explains that just being an accountant is no
    longer enough to do this work – the person has to
    understand the legal system, and what the law says.
    How to interrogate and interview people are musts.
    Tracking leads and obtaining legally usable
    intelligence is also crucial. “Many accountants think
    it is simply fraud investigation and it’s not. It really is
    much more than dealing with the numbers. It’s no
    longer just basic fraud work.”

   Laurie Hotz admits that there are fewer and fewer
    people to do it: “It’s simply very hard to find qualified
    people.” He looks for a good auditor who has a solid
    background for forensic accounting. He says there
    must be awareness of public fraud, and
    notwithstanding some teeth being put into new
    regulations, there is still plenty of fraud going on.

Stuart Kahan, “Sherlock Holmes Enters Accounting,” WebCPA,
    February 11, 2007.

        Fraud is Possible
The motto of a fraudster:
  Anything is possible. The
  impossibility simply takes longer.
Biggleman’s Safe – a safe builder
  wrote blueprints of a unbreakable
  safe and locked the blueprints inside
  the safe.
Internal controls can be broken, often
  by top executives.
  Just as a pitcher tries to fool batters,
  financial statements may be
  misleading or wrong (baseball or
White-Collar Crime: Rich
      People Steal
• Edwin Sutherland coined the term
  “white-collar crime.” [Indiana
  University sociology professor.]
• Sutherland believed that white-
  collar crime is a learned behavior,
  a consequence of corporate culture
  where regulations are regarded as
  harassment, and profit is the
  measure of the man.
• “White-collar crime violates trust
  and thus creates distrust, and this
  lowers social morale and produces
  social disorganization on a large

Cynthia Crossen, “A Thirties Revelation: Rich People
  Who Steal are Criminals, Too,” Wall Street Journal,
  October 15, 2003, p. B-1.                             82
       White-Collar Crime By the
“Crime is the most flourishing and
 lucrative business in America… I
 speak now not only of the crime
 in the streets, the burglaries and
 the robberies, which represent
 tens of billions of dollars each
 year; I speak of the crime which
 we call ‘white collar’ – the crimes
 committed by the advantaged,
 not the disadvantaged; the
 crimes committed with pen and
 pencil, not with gun or ‘jimmy’;
 under the bright lights of the
 executive offices, not by
 stealth in the dark.”
 Herbert Stern, from his discussion of prosecutorial
 philosophy in the 1973 book Tiger in the Court, by Paul
 Hoffman.                                                  83
      FBI Crime Classification Manual

1. Personal Cause Homicide.

2. Sexual Homicide.

3. Group Cause Homicide.

4. Criminal Enterprise Homicide

    • Contract killing.
    • Gang-motivated.
    • Criminal competition.
    • Kidnap murder.
    • Product tampering.
    • Drug murder.
    • Insurance/ inheritance.
    • Felony-murder.
    • Commercial profit.

“People do not normally kill you for doing their taxes, but forensic
   accounting is a whole new ballgame.”
                    Adam Piore, “Fraud Scene Investigator,”
                                          March 20, 2008.          84
                   Red-Collar Crime

• A person who physically harms
  someone that may have, or is on the
  verge of detecting their fraudulent
• Fraud-detection homicide.
• Myth: White-collar criminals not violent
• Forensic accountants may be used in
  a homicide investigation when fraud
  detection may be the motive for the
• Fraud-detection motive may be
  important when a prosecutor has
  weak direct evidence.

Source: F.S. Perri and T.G. Lichtenwald, “A Proposed Addition to the FBI
  Criminal Classification Manual: Fraud-Detection Homicide,” The
  Forensic Examiner, Winter 2007, pp. 18-30.
        Tyco Prosecutor’s
        Closing Argument
  “Remember, these are two very,
  very smart men; they are not
  charged with being stupid men,”
  she said of Mr. Kozlowski and Mr.
  Swartz. “These crimes have an
  element of sophistication so you
  can be sure that when they were
  committing them they built in an
  element of deniability.” She
  added: “Every good scheme has
  it. That is how white-collar
  criminals work.”
• Mistrial on April 2, 2004.
Source: A.R. Sorkin, “Talk of Greed and Beyond at Tyco
  Trial,” N.Y. Times, March 17, 2004, p. C-1.
     Michael Comer’s Types of Fraud

1. Corruptions (e.g., kickbacks).
2. Conflicts of interest (e.g., drug/alcohol
   abuse, part-time work).
3. Theft of assets.

4. False reporting or falsifying
   performance (e.g., false accounts,
   manipulating financial results).
5. Technological abuse (e.g., computer
   related fraud, unauthorized Internet
Comer’s Rule: Fraud can happen to
   anyone at anytime.

Source: M.J. Comer, Investigating Corporate Fraud,
   Burlington, Vt.: Gower Publishing Co., 2003, pp. 4-5.

       How Corruption Occurs

     Category                          %
     Conflicts of                  61.6%
     Bribery                       42.7%
     Illegal Gratuities            29.8%
     Extortion                     16.9%

Source: 2006 Wells Report, ACFE.

  CFEs’ Ranking of Controls’ Importance in
  Detecting or Limiting Corruption Schemes

Control                            Average Score
Internal Audit/ FE Department      3.83
Fraud Hotline                      3.48
Surprise Audits                    3.41
Management Review of IC            3.14
Rewards for Whistleblowers         3.11
Mandatory Job Rotation/            2.87
Audit of F/S                       2.66
Audit of ICOFR                     2.63

Source: 2008 Wells Report, ACFE.

Given the right pressures, opportunities, and
rationalizations, many employees are capable of
committing fraud.

Bev Harris says that fraudsters and embezzlers are
the nicest people in the world:
      Wide-eyed mothers of preschoolers. Your
      best friend. CPAs with impeccable resumes.
      People who profess deep religious
      commitments. Your partner. Loyal business
      managers who arrive early, stay late, and
      never take a vacation. And sometimes, even
      FAMILY MEMBERS. So if you’re looking for a
      sinister waxed mustache and shifty eyes,
      you’re in for a surprise – scoundrels come in
      every description.

Source: “How to Unbezzle A Fortune,”, p. 1.

Starwoods Hotels Poll of Executives

Starwoods Hotels interviewed 401
top executives who golf. The
results are surprising.
Consider themselves to be honest in             99%
Played with someone who cheats at               87%
Cheated themselves at golf                      82%
Hated others who cheated at golf                82%
Believe that business and golf behaviors        72%
are parallel

Source: Del Jones, “Many CEOs Bend The Rules (of Golf),”
USA Today, June 26, 2002, p. A-1.

           The Cost of Fraud
   Organizations lose 7 percent of
    annual revenue to fraud and
   Fraud and abuse costs U.S.
    organizations more than $994*
    billion annually (about $6,860 per
   The average organization loses
    more than $18.30 a day per
    employee due to fraud and abuse.

    * $652 billion in 2006.

    Source: 2008 Wells Report
         The Trillion Dollar Gorilla
                                                 (in Billions)
U.S. Business1                                       $256.32
Federal Government2                                    239.75
State Government3                                      354.21
Tax-exempts4                                           134.5
Local Government5                                           68.4
Annual Fraud (trillion)                             $ 1.053

1. 2002 Statistics of Income, $1,281.6 trillion time 20%.
2. $2.3975 trillion budget times 10%
3. $3,542.1 million times 10%
4. $897 billion in revenue times 15%.
5. $684.6 billion times 10%.

             Fraud Multiplier
Employee Fraud = $ for $ reduction in net
Suppose $100,000 bottom line reduction.
Suppose 20% profit margin
How much new revenue needed to offset
the lost income?
$100,000 = $500,000
So ACFE says $994 billion* lost per year
$994 billion = $4.97 trillion needed
     20%                   revenue
 The FBI estimates that white collar crime
 is $300 billion each year in the U.S.

    The Cost of Fraud (cont.)
   Over 90% of occupational frauds
    involve asset misappropriations.
   Average length of a fraud scheme
    is 17 to 30 months.
   Most common way of detecting
    occupational fraud is by tips from
    employees, customers, vendors, or
    anonymous sources.
   Second way, by accident.
   Third, internal controls.
   Fourth most common detection:
    internal audit (2nd in 2004).
   The most targeted asset is cash.

            Source: 2008 Wells Report
    Ernst & Young Study (2000)

   Leading companies and public
    bodies in 15 (82) countries
   More than 82% (50%) have been
    victims of fraud in the past year.
   82% (84%) of total losses can be
    attributed to staff.
   33% (50%) of the most serious
    frauds were committed by the
    organization’s own management.
   Most with company more than 5
    years (25% more than 10 years).
   Theft of cash and purchasing
    schemes (i.e., employee kickbacks)
    constituted the majority of frauds.
   Reasons: Poor internal controls and
    finance directors had a limited
    knowledge of internal controls.

     Ernst & Young 2002 Survey
• More than 20 percent of the respondents were
aware of fraud in their workplace.
• Nearly 80 percent would be willing to turn in a
colleague thought to be committing a fraudulent
• Employers lose a staggering 20 percent of every
dollar earned to some type of workplace fraud.
• More frequently committed frauds are theft of
office items, claiming extra hours worked, inflating
expense accounts, and taking kickbacks from
• Women are more likely than men to report
fraudulent activities.
• Older employees were more likely to report
fraudulent activities than younger employees.
Ernst & Young. “American Works: Employers Lose 20 Percent
of Every Dollar to Work Place Fraud.” (2002) Available at
05-02DC                                                   97
Advantage of Compliance Spending

      General Counsel Roundtable
says that each $1 of compliance
spending saves organizations, on
the average, $5.21 in heightened
avoidance of legal liabilities, harm
to the organization’s reputation,
and lost productivity.

Source: Jonny Frank, “Fraud Risk Assessments,” Internal
Auditor, April 2004, p. 47.

              Comparison of Selected Fraud Surveys

                                   KPMG                PwC                      ACFE

Type                           Questionnaire         Interview              Questionnaire
Time Period                  2005-2006         2005                 2008
Number of participants       4,056 (6,797)     3,634                1,117 (16,606)
Response                     59.7%             Unknown              6.7%
Estimated fraud in U.S.      Not given         $1.7 million per     $994 billion (revenue)
% of companies               74% reporting     45% tangible fraud   Unclear (959)
      experiencing fraud          misconduct
Highest fraud industry       Public sector     Retail/ Consumers    Banking/ Financial
Second highest fraud         Global            Financial Services   Government
     industry                Manufacturers
Top – Fraud detection –      Not given         28%                  46.2%
Fraud detection – Internal   Not given         26%                  19.2%
Fraud detection – by         Not given         6%                   20%
Some recover of fraud        Not given         47%                  57.9%
Gender of perps - male       Not given         87%                  59.1%
Likely age                   Not given         31-40 (38%)          41-50
Fraud by senior mgt.         Not given         24%                  37.1%
Fraud by Accounting dept.    Not given         Not given            28.9%
Fraud with undergraduate     Not given         52%                  34.4%
Best control measure                           External audits      Hotlines/ surprise audit
Second best control                            Internal audits      Job Rotation/ mandatory
     measure                                                             vacation

                Frequency of Anti-Fraud Controls*

* ”External Audit of F/S” = independent external audits of the organization’s financial
   “Internal Audit / FE Department” = internal audit department or fraud examination
   “External Audit of ICOFR” = independent audits of the organization’s internal controls
   over financial reporting
   “Management Certification of F/S” = management certification of the organization’s
   financial statements
  “Management Review of IC” = regular management review of internal controls

  Source: 2008 Wells Report, ACFE.
Source: 2008 Wells Report, ACFE.
Source: 2008 Wells Report, ACFE.
  Primary Internal Control Weakness Observed
                     by CFE

Source: 2008 Wells Report, ACFE.
               PWC 2007 Survey
   Fraud's pervasiveness
      Over 43 percent of the companies interviewed
       reported suffering one or more significant economic
      The average loss from fraud per company
       increased nearly 40 percent in two years from
       roughly US$1.7 million in 2005 to approximately
       US$2.4 million in 2007.
      Over 80 percent of our respondents who suffered
       fraud also stated that this had caused damage — or
       significant damage — to their business.
      No industry is immune from the threat posed by
       economic crime although different sectors are
       impacted by different types of fraud.
   Management's impact
      The level of collateral damage is directly proportional
       to the seniority of the perpetrator. In 29 percent of the
       occasions where senior managers were involved, the
       collateral damage to the brand was very significant.
   Controls and culture
      Internal controls are not enough. An ethical corporate
       culture plays an equally important role in deterring
      Companies with both ethical guidelines and
       compliance programs report suffering fewer economic

       PWC 2007 Survey (cont.)
   Emerging markets
      Over 43 percent of the companies
       interviewed reported suffering one or more
       significant economic crimes in the past two
      Companies in which parent and
       subsidiaries employed different accounting
       systems where more susceptible to fraud
       (61 percent of cases) than those operating
       a unilateral system (52 percent).
      E7 'experts' perceive significant risk
       associated with levels of corruption, staff
       integrity and legal environment in the
       emerging markets.
      Actual levels of reported fraud in the E7
       countries are consistently high in the area
       of asset misappropriation.
      44 percent of IP infringement cases
       (worldwide) that involved a perpetrator
       overseas involved a perpetrator from

Source: PWC Global Economic Crime Survey
         Scienter Necessary

   To prove any type of fraud,
    prosecutors must show that scienter
    was present.
 That is, the fraudster must have
    known that his or her actions were
    intended to deceive.
The allure of numbers to most of us, is
    like the excitement of settling sand--a
    narcoleptic surety. Crafty criminals
    prey on this boredom. They pile on
    the numbers, spewing meaningless
    records in the false books.

                         Cory Johnson

Legally, Black’s Law Dictionary defines fraud as:
All multifarious means which human ingenuity can
      devise, and which are resorted to by one individual
      to get an advantage over another by false
      suggestions or suppression of the truth, and
      includes all surprise, trick, cunning or dissembling,
      and any unfair way by which another is cheated.
The four legal elements to fraud are
 A false representation or willful omission regarding
      a material fact.
 The fraudster knew the representation was false.
 The target relied on this misappropriation.
 The victim suffered damages or incurred a loss.
Institute of Internal Auditors definition:
Any illegal acts characterized by deceit,
   concealment, or violation of trust. These acts
   are not dependent upon the applications to
   obtain money, property, or services; to avoid
   payment or loss of services; or to secure
   personal or business advantage.

       Some Fraud Definitions

The primary factor that distinguishes fraud from
error is whether the underlying action is intentional
or unintentional. Fraud is an intentional act that
results in a material misstatement in financial
statements that are the subject of an audit. Two
types of misstatements are relevant to the auditor’s
consideration of fraud-misstatements arising from
financial reporting and misstatements arising from
misappropriation of assets.
                                                   AICPA, SAS #99/ PCAOB


The deliberate misrepresentations of the financial
condition of an enterprise accomplished through the
intentional misstatement or omission of amounts or
disclosures in the financial statements to deceive
financial statement users.

 How Fraud Occurs

Source: KPMG Fraud Study

Types of Fraud

Source: KPMG Fraud Study

Certain Fraud is Increasing

   Source: KPMG Fraud Study

Source: 2008 Wells Report, ACFE.   112
Source: 2008 Wells Report, ACFE.   113
COSO’s Most Common Fraud Methods
 1.   Overstatement of earnings.
 2.   Fictitious earnings
 3.   Understatement of expenses.
 4.   Overstatement of assets.
 5.   Understatement of allowances for
      accounts receivables.
 6.   Overstatements of the value of
      inventories by not writing down the
      value of obsolete goods.
 7.   Overstatement of property values
      and creation of fictitious assets.

     COSO’s Major Motives for Fraud

1.    Cover up assets misappropriated for
      personal gain.
2.    Increase the stock price to increase
      the benefits of insider traders and to
      receive higher cash proceeds when
      issuing new securities.
3.    Obtain national stock exchange
      listing status or maintain minimum
      exchange listing requirements to
      avoid de-listing.
4.    Avoiding a pretax loss and bolstering
      other financial results.

               COSO Survey (1999)
• Financial pressures were important contributory
factors for the commitment of financial statement
fraud (FSF).
• Top executives (e.g., CEOs, CFOs) were commonly
involved in FSF.
• The majority of alleged FSF were committed by
small companies.
• Board of directors and audit committees of the fraud
companies were weak and ineffective.
• Adverse consequences for fraud companies were
bankruptcy, significant changes in ownership, and
delisting by national stock exchanges.
• Cumulative amounts of FSF were relatively
significant and large.
• More than half of the alleged FSF involved
overstatement of revenues.
• Most FSF were not isolated to a single fiscal period.
• Fifty-five percent of the audit reports issued in the
last year of the fraud period contained unqualified
•The majority of the sample fraud companies (56
percent) were audited by Big Eight/Big Five auditing
           Business Fraud Survey (1999)
1. Nearly 15 percent reported management
   misappropriation as the greatest fraud risk to their
2. Sixty percent of the respondent reported their
   department’s fraud risk analysis process as being
   reactive in nature.
3. The majority of respondents (72 percent) reported
   that their organization did not have fraud detection
   and deterrence programs in place.
4. The majority of respondents (68 percent) reported
   that they never felt pressured to compromise the
   adherence to their organization’s standard of ethical
5. The majority of the respondents reported their
   organization’s external auditors as being
   ineffective in preventing and detecting fraud.
6. The majority of the respondents believed that more
   budgets should be devoted to fraud-related activities
   and training in department.
    The Institute of Management and Administration (IOMA) and the Institute
    of Internal Auditors(IIA). “Business Fraud Survey.” (1999). Available at
One Piece at a Time

   Johnny Cash
           One Piece At A Time
Well, I left Kentucky back in '49
   An' went to Detroit workin' on a 'sembly line
   The first year they had me puttin' wheels on cadillacs
Every day I'd watch them beauties roll by
   And sometimes I'd hang my head and cry
   'Cause I always wanted me one that was long and

   One day I devised myself a plan
   That should be the envy of most any man
   I'd sneak it out of there in a lunchbox in my hand
   Now gettin' caught meant gettin' fired
   But I figured I'd have it all by the time I retired
   I'd have me a car worth at least a hundred grand.
   I'd get it one piece at a time
   And it wouldn't cost me a dime
   You'll know it's me when I come through your town
   I'm gonna ride around in style
   I'm gonna drive everybody wild
   'Cause I'll have the only one there is a round.

   So the very next day when I punched in
   With my big lunchbox and with help from my friends
   I left that day with a lunch box full of gears
   Now, I never considered myself a thief
   GM wouldn't miss just one little piece
   Especially if I strung it out over several years.
             One Piece At A Time
The first day I got me a fuel pump
   And the next day I got me an engine and a trunk
   Then I got me a transmission and all of the chrome
   The little things I could get in my big lunchbox
   Like nuts, an' bolts, and all four shocks
   But the big stuff we snuck out in my buddy's mobile home.

   Now, up to now my plan went all right
   'Til we tried to put it all together one night
   And that's when we noticed that something was definitely
The transmission was a '53
   And the motor turned out to be a '73
   And when we tried to put in the bolts all the holes were gone.
So we drilled it out so that it would fit
   And with a little bit of help with an A-daptor kit
   We had that engine runnin' just like a song
   Now the headlight' was another sight
   We had two on the left and one on the right
   But when we pulled out the switch all three of 'em come on.

    The back end looked kinda funny too
    But we put it together and when we got thru
    Well, that's when we noticed that we only had one tail-fin
    About that time my wife walked out
    And I could see in her eyes that she had her doubts
    But she opened the door and said "Honey, take me for a

              One Piece At A Time

So we drove up town just to get the tags
   And I headed her right on down main drag
   I could hear everybody laughin' for blocks around
   But up there at the court house they didn't laugh
   'Cause to type it up it took the whole staff
   And when they got through the title weighed sixty pounds
   I got it one piece at a time
   And it didn't cost me a dime
   You'll know it's me when I come through your town
   I'm gonna ride around in style
   I'm gonna drive everybody wild
   'Cause I'll have the only one there is around.
(Spoken) Ugh! Yow, RED RYDER
   This is the COTTON MOUTH
Huh, This is the COTTON MOUTH
   And negatory on the cost of this mow-chine there RED
   You might say I went right up to the factory
   And picked it up, it's cheaper that way
   Ugh!, what model is it?

   Well, It's a '49, '50, '51, '52, '53, '54, '55, '56
   '57, '58' 59' automobile
   It's a '60, '61, '62, '63, '64, '65, '66, '67
   '68, '69, '70 automobile.

              Missing Fraud
Auditors will continue to miss fraud
because much of their work is predicted on
the assumption that separation of duties
prevents fraud (i.e., one person hold the
money and another person keeps track of
it). The Equity Funding case shakes the
foundations of auditing in that so much is
based on the assumption that people
don’t collude very long. These people
work together as an efficient team for a
very long time [9 years].
                                    Lee Seidler
“When the sun goes down, then the
sneaks will play at night.”
From Porter Wagoner “Sneaks Crawl at Night.” 122
            The Perpetrators

    First-time offenders (93% 2008).
    Losses from fraud caused by
     managers and executives were 3.5
     times greater than those caused by
     non-managerial employees [2002].
    Losses caused by men were 3 times
     those caused by women [53% males];
     [Male, 59.1%, 2008].
    Losses caused by perpetrators 60
     and older were 27 times those
     caused by perpetrators 25 or younger
    Losses caused by perpetrators with
     post-graduate degrees were more
     than 3.5 times greater than those
     caused by high school graduates
    Acted alone (63.9% in 2008).

Source: 2008/ 2002 ACFE Report
FBI Part 2 Offenses — Female

 Embezzlement         41%
 Fraud                39%
 Forgery              36%
 Larceny – theft      33%
 Serial Killer (62)   20%

    White-collar criminals have these

   Likely to be married.
   Member of a church.
   Educated beyond high school.
   No arrest record.
   Age range from teens to over
   Socially conforming.
   Employment tenure from 1 to
    20 years.
   Acts alone 70% of the time.

Source: Jack Robertson, Fraud Examination for
    Managers and Auditors (1997).

     Other Characteristics of Occupational

   Egotistical                Inquisitive
   Risk taker
                               Rule breaker
   Hard Worker
   Greedy
                               Under stress
   Disgruntled or a           Financial need
                               Big spender
   Overwhelming
    desire for personal        Close
                                relationship with
   Pressured to                vendors /

Source: Lisa Eversole, “Profile of a Fraudster,” Some Fraud

 To be a forensic auditor, you have
 to have a knowledge of fraud,
 what fraud looks like, how it works,
 and how and why people steal.
              - Robert J. Lindquist

"Finding fraud is like using a metal
detector at a city dump to find rare
coins. You're going to have a lot of
false hits."
            - D. Larry Crumbley

“Fraud can be best prevented by good
people asking the right questions at
the right time.”
            - Michael J. Comer
“Finding fraud is like trying to load frogs
on to a wheelbarrow.”
        Larry Crumbley

   It’s easy to fall in love;
   It’s easy to commit fraud;
   It’s hard to catch the fraud.

         Fraud Catching

Finding fraud is like trying to herd
cats and chickens.
There is a chicken catching
machine (150 chickens per
minute),* but there is no perfect
fraud catching machine.
              D. Larry Crumbley

* PH2000 mechanical chicken harvester.
Scott Kilman, “Poultry in Motion: Chicken
Catching Goes High Tech,” Wall Street
Journal, June 4, 2003, p. A-1. Human can
catch about 1,000 an hour. $200,000 cost.

         How Fraud Is Detected

                             2008      2006       2004
1.   Tips                    46.2%    34.2%      39.6%
2.   By accident              20%     25.4%      21.3%
3.   Internal audit          19.4%    20.2%      23.8%

4.   Internal                23.3%    19.2%      18.4%
5.   External audits          9.1%    12.0%      10.9%
6.   Notification by          3.2%     3.8%        0.9%

Source: 2008/ 2006/ 2004 Wells Reports, ACFE.

A British publication suggests that prosecutors think
that accountants have x-ray vision. “It is assumed
that if an accountant stares really hard at a set of
accounts, then somehow, magically, information will
appear before his/ her eyes that are invisible to lesser

NIFA News, Number 10, p.1.                                 130
             Sources of Tips

                          2008     2006
Employee                  57.7%    64.1%
Customer                  17.6%    10.7%
Vendor                    12.3%    7.1%

Shareholder/ owner         9.2%     NA
Anonymous                  8.9%    18.1%
Competitor                 1.0%     NA

Source: 2008/ 2006 Wells Report, ACFE.

           Tips Are Important

    Some of the biggest recent accounting
scandals (e.g., HealthSouth, Xerox, Waste
Management) involve situations where the
auditors were tipped off or otherwise
alerted to possible frauds but they failed to
investigate them deeply enough.
    In her book Power Failure, Sherron
Watkins says she talked to Jim Hecker, at
Arthur Andersen, on the phone about the
dangers of the Raptors and Fastow’s
inherent conflict. Hecker wrote a memo to
the files and forwarded copies to David
Duncan and Enron’s audit partner, Debra
Cash. His note: “Here is my draft memo, for
your review, for ‘smoking guns’ that you can
not extinguish.” p. 285.

   Finding Fraud In The Midst of a Conspiracy

When speaking about the fraud of HealthSouth, a
  spokesman for Ernst & Young emphasized the
  difficulty of detecting accounting fraud in the
  midst of a conspiracy of senior executives and
  false documentation.
An accountant testified that HealthSouth employees
  would move expenses of $500 to $4,999 from
  the income statement to the balance sheet
  throughout the year. Overall the SEC said about
  $1 billion in fixed assets were falsely entered. The
  employees moved only those expenses less than
  $5,000, because Ernst & Young automatically
  looked at those expenses over $5,000.
An ex-bookkeeper even sent Ernst & Young an e-
  mail flagging one area of the fraud, but E & Y still
  did not catch it. Employees actually produced
  false invoices when the accounting firm asked for

Source: Charles Mollenkamp, “Accountant Tried in Vain to Expose
  HealthSouth Fraud,” Wall Street Journal, May 20, 2003, pp. A-1
  and A-13.

You should attack fraud problems
the way the fictional Sherlock
Holmes approached murder cases
                        D. Larry Crumbley
To be a good fraud auditor, you
have to be a good detective.
             Source: Robert J. Lindquist
Many lap-dog internal and
external auditors need to be
replaced with junkyard dogs.
                           D. Larry Crumbley

                Difficult Task

    More forensic techniques should
become a part of both external and internal
auditing. But Stephen Seliskar says that “in
terms of the sheer labor, the magnitude of
effort, time and expense required to do a
single, very focused [forensic] investigation
-- as contrasted to auditing a set of the
financial statements -- the difference is
incredible.” It is physically impossible to
conduct a generic fraud investigation of an
entire business.

    Source: Eric Krell, “Will Forensic Accounting Go
Mainstream?” Business Finance Journal, October 2002,
pp. 30-34.

    Once a forensic accountant [e.g., Cr.FA,
CFE, CFFA] is engaged, Michael Kessler
says that they should not be disruptive.
Most employees are not aware that an
investigation is taking place. We go in as
just another set of auditors, favoring a
Columbo-esque investigative style. “We
don’t wear special windbreakers that say
‘forensic accountant.’”

     Source: Eric Krell, “Will Forensic Accounting Go
Mainstream?” Business Finance Journal, October 2002,
pp. 30-34.

                         Kessler Survey (2001)

 About 13% of employees are
  fundamentally dishonest.
 Employees out-steal shoplifters.

 About 21% of employees are
 But 66% are encouraged to steal if
  they see others doing it without
Source: “Studies Show 13% of employees are fundamentally
      dishonest,” KesslerNews, November 1, 2001,
    30% of people in U.S. are dishonest.
    30% situational dishonest.
    40% are honest all of the time.

Source: R.C. Hollinger, Dishonesty in the Workplace, Park Rider, N.Y.:
   London House Press, 1989, pp. 1-5.                             137
               Little Has Changed: CFO Survey

    Nearly half of CFOs – 47 percent – report
     they still feel pressure from their superiors
     to use aggressive accounting to make
     results look better.
    What is worrisome is that the pressure to
     make the numbers hasn’t abated much. Of
     these who have felt pressure in the past,
     only 38 percent think there is less pressure
     today than there was three years ago, and
     20 percent say there is more.
    Few finance executives have much
     confidence in the numbers their colleagues
     are reporting. Only 27 percent say that if
     they were investing their own money, they
     would feel “very confident” about the
     quality and completeness of information
     available about public companies.
Source: Don Durfee, “It’s Better (and Worse) Than You Think,” CFO Magazine, May 3, 2004.

    Some Infamous Financial Statement Frauds
   Tyco
     •   Large interest-free loans to officers; then forgiven ($87.1 million).
     •   Unauthorized bonuses (no approval of BOD).
     •   Fake documents showing no loans outstanding.
     •   SEC found that PwC had prior knowledge of fraud back to 1998.
     •   Undisclosed real estate transaction with related parties.
     •   False entries in books to cover-up bribes given to foreign officials.
     •   If numbers did not meet expectations, Richard Scrushy told
         employees to “fix them.”

   Adelphia [Greek for brothers]
     •   Moved debt to subsidiaries which were not consolidated.
     •   Personal loans to the Rigas family (self-dealing).
     •   Falsified operations statistics and inflated earnings.

   Xerox
     •   Accelerated revenues from leasing equipment.
     •   Cookie jar reserves.

   Sunbeam
     •   Cookie-jar restructuring reserves.
     •   Channel stuffing.
     •   Guaranteed sales.
     •   Improper bill and hold.

    Some Infamous Financial Statement Frauds

   Waste Management
     •   Reduced depreciation expense by inflating salvage value and
         extending useful lives.
     •   No write-offs for unsuccessful land projects.
     •   Improperly capitalized a number of expenses.
     •   Made top drawer adjustments.

   HPL Technologies (2001-2002)
     •   Created many fake purchase orders from Canon sales (a
         Japanese distributor). Printed and pasted Canon signatures on
         the documents.
     •   Altered bank records to create millions of dollars in nonexistence
         customer payments.
     •   Borrowed millions from his brokerage account (secured by HPL
         stock) and channeled the funds into the company in the form of

   Baptist Foundation of Arizona
     •   Set up subsidiaries owned by insiders to buy real estate (which
         had crashed in value) from BFA.
     •   BFA then recorded notes receivables in the amount of the book
     •   Ran a ponzi scheme using new investors’ money to pay old
         investors high returns.
     •   Refused to give Arthur Anderson financial statements of the

 D.R. Cressey’s Fraud Pyramid

Don’t think you’re the only ones
Who bend it, break it, stretch it some.
We learn from you.
Girls lie, too
                          Terri Clark

SAS No. 99 Characteristics of

          Incentives / pressures

Attitude /                    Opportunity

        Everyone Has A Price?
President Abraham Lincoln is supposed to have thrown a
man out of his office after being offered a bribe. The bribe
involved a substantial sum, and Lincoln was very angry.
His anger was directed at the man in question, but also at
himself. He is reputed to have said, “Every man has his
price, and he was getting too close to mine.”*

The “price” where a person will act dishonestly (e.g., steal,
cook the books) varies from person to person.

What is your price?

In a scene from the movie, The Family Man, an angel stands
behind the counter of a convenience store and takes a $1 bill
from a young woman who is purchasing a $0.99 beverage.
The angel counts out change for $10 and hands the
overpayment to the woman. The customer stares blankly at
the clerk, takes the money and the beverage, and leaves. The
angel is left to lament the lack of ethical behavior for just
$9. “Character, and for what, $9; that is so

* From a speech by Lynn Turner, former chief accountant of U.S.
Securities and Exchange Commission, given at the 39th Annual
Corporate Counsel Institute, Northwestern University School of Law,
October 12, 2000.

** MCA Home Video 2000.                                           143
             Fraud Pyramid
   Motive
      Excessive spending to keep up appearances of
      Other, outside business financial strains.

      An illicit romantic relationship.

      Alcohol, drug or gambling abuse problems.

   Opportunity
      Lack of internal controls.

      Perception of detection = proactive preventative
   Rationalization (reduces offender’s inhibitions)
      “Borrowing” money temporarily.

      Justifying the theft out of a sense of being
        underpaid. (“I was only taking what was mine.”)
      Depersonalizing the victim of the theft. (I wasn’t
        stealing from my boss; I was stealing from the

               Psychology of Fraud

      Fraud can be explained by three factors:
        •   Supply of motivated offenders.
        •   Availability of suitable targets.
        •   Absence of capable guardians (e.g.,
            internal controls).

      The three B’s -- babes, booze, and bets.

      Some fraudsters wish to make fools of
       their victims. They take delight in the act

      Risk of fraud is a product of both
       personality and environmental (or
       situational) variables.

Grace Duffield and Peter Grabosky, “The Psychology of Fraud,” Australian
       Institute of Criminology, No. 19.

The Fraud Diamond

                   Incentive/ Pressures

 Capacity                                      Opportunity

                 Rationalization/ Integrity

  Capacity: Necessary traits; abilities; can pull it
  off; positional authority

  D.T. Wolfe and D.R. Hermanson, “The Fraud Diamond:
  Considering The Four Elements of Fraud,” The CPA J.,
  December, 2004, pp. 38-42.                             146
“I don’t see many ways to eliminate greed; it
    is an inherent part of the human
    character. So antifraud measures must
    be aimed at educating people on the
    risks and the type of technical controls
    that they can implement.”
                                              Alan Oliphant
Source: David G. Banks, “The Fight Against
    Fraud,” Internal Auditor, April 2004, pp.
“It was definitely the perfect fraud……..
unfortunately they hired the perfect
                 Cartoon in M.J. Comer’s book

        Example of Greed (or Incentive)

  Three Duke Energy employees were
charged in April 2004 for allegedly ginning up
“phony electricity and material-gas trades to
boost trading volumes” and inflating “profits
in a trading book that was the basis of their
annual profits.”
 “The trading schemes are alleged to have
inflated their bonuses by at least $7 million”
between March 2001 and May 2002. There
were 400 rigged trades that produced a $50
million profit in the trade books.
 Duke used mark-to-market accounting to
record profit and loss contracts that might not
be settled for years.
 So called “round-trips trades (or wash
sales) were used to jack up reported trading
Source: Rebecca Smith, “Former Employees of Duke Charged Over Wash
Trades,” WSJ, April 22, 2004, p. A-15.

KPMG’s Causes or Indicators of Fraud

   Personal financial pressure.
   Substance abuse.
   Gambling.
   Real or imagined grievances.
   Ongoing transactions with related
   Increased stress.
   Internal pressures to meet
   Short vacations.
   Unusual hours.

Source: KPMG’s 1998 Fraud Survey

How Fraud is Discovered-Singapore 2002

      Management investigation (41%).
      Anonymous letter/informant (35%).
      Internal controls (33%).
      By chance (26%).
      Internal auditor review (12%).
Source: KPMG Fraud Survey Report, 2002.

                  I’m gonna keep follow’
                            a feelin.’
                     Till I find what I’m
               looking for.
                                    Austin Sherrie

    Singapore Fraud Survey, 2002

   Management investigation, informant
    notification, and good internal controls rank
    highly as methods of fraud detection.
   76% of the frauds were perpetrated
    internally [management (41%) and non-
    management employees (35%)]
   Poor internal controls, override of internal
    controls, and collusion between employees
    and third parties were the top three
    reasons cited as to why frauds were
    allowed to take place
   “Red flags,” which should have alerted
    respondents to the fraud, were present and
    ignored in 29% of cases.
   The main reason for not reporting fraud
    was lack of evidence
   The typical fraudster is predominantly male
    within the age group of 26-40 years and
    has an annual income between $15,000 to
    $30,000. 44% of fraudsters have tertiary
    educational qualifications.

   Sherron Watkins provides an
excellent comment about
rationalization with respect to
Enron’s Jeff Skilling and Andy
   At what point did they turn
crooked? “But there is not a
defining point where they became
corrupt. It was one small step after
another, with more and more
rationalizations. There was a slow
erosion of values over time.”

    Source: Pamela Colloff, “The Whistle-
Blower,” Texas Monthly, April 2003, p. 141.

      Fraud’s Fatal Failings

   85% of fraud victims never get
    their money or property back.
   Most investigations flounder,
    leaving the victims to defend
    for themselves against
    counter-attacks by hostile
   30% of companies that fail do
    so because of fraud.

Source: Michael J. Comer, Investigating
    Corporate Fraud, Burlington, VT: Gower
    Publishing, 2003, p. 9.

    Importing Sarbanes-Oxley?

    One-size-fits-all approach.
    Resulted in a loss of foreign listings on
     U.S. exchanges.
    U.S. exchanges seek to acquire foreign
    Market consolidations may impose U.S.
     regulatory standards across national
    Foreign companies listed on U.S.
     exchanges are subject to SOX.
    Once 500 Americans hold shares in a
     foreign-listed company, if separate
     platforms not maintained, subject to
     U.S. laws and rules (including SOX).
     Harvey Pitt, “Sarbanes-Oxley Is An Unhealthy Export,”
     Financial Times, June 21, 2006, p.15.

    Sarbanes-Oxley Act (7-30-2002)
   Most significant change since 1934
    Securities Exchange Act
   New five-member Public Company
    Accounting Oversight Board (PCAOB)
   Authority to set and enforce auditing,
    attestation, quality control and ethics
    (including independencies) standards for
    auditors of public companies.
   Empowered to inspect the auditing
    operations of public accounting firms that
    audit public companies as well as impose
    disciplinary and remedial sanctions for
    violations of the board’s rules, securities
    laws and professional auditing and
    accounting standards.
   Rotation of lead and concurring audit
    partners every five years (5 year time-out

    Sarbanes-Oxley Act (7-30-2002)
   Eight types of services outlawed:
     + Bookkeeping.
     + Information systems design and
     + Appraisals or valuation services, fairness
        opinions, or contribution-in-kind-reports.
     + Actuarial services
     + Internal audit outsourcing
     + Management and human resources
     + Broker/dealer, investment adviser, and
        investment banking services
     + Legal or expert services related to audit
   Applies to foreign accounting firms filing
    with SEC after July 15, 2006.
, to get free
    subscription to PCAOB Update.
      Sarbanes-Oxley Act of 2002
   If you are going to be an auditor, you have to be an
    auditor, not an auditor and a consultant [Senator Jack
   In order to be independent, an accounting firm should
       Audit ones own work.

       Function as part of management or an employee.

       Act as an advocate.

   No limitations are placed upon accounting firms in
    providing non-audit services to public companies they
    do not audit or any private companies.
   Audit services and non-audit services (e.g., tax) must be
    pre-approved by the audit committee, if not prohibited
    by the Act (before the service commences).
   Auditor must report to the audit committee on a timely
   Cooling off period of one year before a member of the
    audit engagement team can begin working for the
    registrant in certain positions.
   There is no requirement to rotate the auditors.
   There is discussion of requiring a forensic audit
    irregularly. Harvey Pitt suggested this proposal.

         Sarbanes-Oxley (contd.)
   Many of the Sarbanes-Oxley’s provisions became
    effective July 30, 2002.
   Thus, the SEC will control the auditing standards, not
    the AICPA.
   Auditors to report to audit committee, and audit
    committee must approve all services.
   Crime to corruptly alter, destroy, mutilate, or conceal
    any document with the intent to impair the object’s
    integrity or availability (up to 20 years).
   Statute of limitations for the discovery of fraud is now
    two years from the date of discovery and 5 years
    after the act.
   Maximum penalty for mail and wire fraud is increased
    from 5 to 10 years.
   Financial statement filed with SEC: certified by CEO
    and CFO. Maximum penalties for willful and
    knowingly violation: fined not more than $5 million
    and/or imprisonment of up to 20 years.
   Sense of Congress: CEO should sign the Federal
    income tax return.

SOX’s Effects on Smaller Firms
1.    Smaller firms have incurred higher SOX-
      related costs.
         Larger increase in audit fees – ineffective internal
         Complex standards affect smaller firms because
          they lack in-house staff.
         Larger firms stopped working with smaller firms.
         Larger non-audit fees.
2.    Directors fees much higher.
3.    Potential benefits for smaller firms are
      higher for small firms.
4.    Overall, SOX imposes a net loss on all firms.
5.    CEOs and CFOs spent as much as 90% of
      their time on compliance, forcing them to
      defer investments.
6.    SOX reduced the value of small firms—no
      effect or positive for large firms.

Source: E. Kamar, P.K. Mandic, and E. Talley, “SOX’s Effects on
     Small Firms: What Is the Evidence?” June 2007.

     Sarbanes-Oxley Act Creates Need For
            Forensic Accounting

1.   To assist corporations in their quest to
     ensure compliance with the mandates
     of S-O.
2.   Public accounting firms must introduce
     forensic techniques into audits, and
     they may request help from forensic
     Robbers do not need guns. Pencil and
     paper will do. Opportunity and greed
     are thievery’s driving forces. Put
     enough zeroes behind a number, and
     it’s amazing how flexible morals
     become. How many years in prison
     would you do to accumulate a half a
     billion dollars in your bank account?
                                        John H. Bolt

     Section 404-Sarbanes-Oxley

   Beginning June 2004, large
    companies must have in place
    tight internal controls, assess the
    effectiveness of these controls
    annually (and issue a report of
    their effectiveness), and pay for
    an independent assessment by
    external auditors.
   Need an internal control
    framework (e.g., COSO or
   Companies are paying steep
    fees to fund the PCAOB.
   Audit fees have increased by as
    much as 30% since S/O.

          FEI’s Costs of Compliance
      Revenue            First-Year Costs        First-Year Hours
Less than $25                $.28 million                1,996
$25 to $99 million           $.74 million                3,080
$100 to $499                 $.78 million                5,118
$500 to $999                $1.04 million                6,950
$1 to $4.9 billion          $1.83 million                13,355
Over 5 billion              $4.67 million                41,201

• Audit fees have increased about 50%.
• First year spending around $10 billion. Steve
  Watkins, “For Some, SOX Is No Hassle at
  IBD, January 14, 2005, p. A6.
• About $100,000 each year for insuring Board
                 Source: Financial Executive Institute

     Six-Legged Table of Financial Statements


   Board of Directors               Manageme

                        PCAOB and              External
                        SEC                    Auditor

In a baseball analogy, think of the pitcher
as the auditee, the catcher as the internal
auditor, the manager as top management,
the scorekeeper as the external auditor,
and the umpire would be PCAOB (SEC).
The scoreboard could be the general
                    The Big “R”           163
    Parallel Universe: Two Opinions
        External auditors must do a regular
   audit of a company (e.g., financial
   statements are fairly stated) and must also
   audit the internal controls that are to
   ensure that the financial statements are
   accurate (e.g., issue two opinions).
        Prior to the external auditors’ arrival,
   the company itself must review its internal
   controls and issue a report on the
   effectiveness of these controls.
        There will be two external opinions: on
   management’s assessment of the internal
   controls over financial reporting and
   another one on the effectiveness of the
   internal controls themselves (e.g.,
   statements are fairly stated).
PCAOB Release 2004-001.

            Anti-Fraud Strategy

     The company’s stance on fraud
      and other breaches of the ethical
     What will be done and by whom in
      the case that frauds or other
      breaches are suspected.
     The key initiatives which the
      company proposes;
     Who will lead these initiatives.
     Clear deadlines and measures for
      monitoring effectiveness of

Source: David Davies, Fraud Watch, 2nd Edition., London, ABG
      Professional Information, 2000, p. 77.

               Anti-Fraud Program

                 An auditor must perform
      “company-wide anti-fraud programs
      and controls and work related to other
      controls that have a pervasive effect on
      the company, such as general controls
      over the company’s electronic data
                 Further, the auditor must
      “obtain directly the ‘principal evidence’
      about the effectiveness of internal
                 PCAOB endorses the COSO
      Cube [pp. 24-26 and A-25 and A-26]

Source: PCAOB Release 2004-001.

                Several Strategies
1. Establishment of responsible corporate
   governance, a vigilant board of directors and
   audit committees, diligent management, and
   adequate and effective internal audit functions.
2. Utilization of an alert, skeptical external audit
   function, responsible legal counsel, adequate and
   effective internal control structure, and external
   regulatory procedures.
3. Implementation of appropriate corporate
   strategies for correction of the committed
   financial statement fraud, elimination of the
   probability of its future occurrences, and
   restoration of confidence in the financial
   reporting process.
   Financial statement fraud occurs when one or a
   combination of these strategies are relaxed due to
   self-interest, lack of due diligence, pressure,
   over-reliance, or lack of dedication.
Source: Crumbley, Razaee, Ziegenfuss, U.S. Master Auditing Guide,
   Chicago, CCH, pp. 689-690.                                       167
Frameworks Being Used by CFOs

• Auditing Standard No. 2
• COBIT (Control/ Objectives
  for Inf./ Related Technology)
• SAS 55/78 (AICPA)
• Others                          2%

(5 components of internal controls)


            The COSO Model
1.   Control environment – management’s
     attitude toward controls, or the “tone at the
2.   Risk assessment – management’s
     assessment of the factors that could prevent
     the organization from meeting its objectives.
3.   Control activities – specific policies and
     procedures that provide a reasonable
     assurance that the organization will meet its
     objectives. The control activities should
     address the risks identified by management
     in its risk assessment.
4.   Information and communication – system
     that allows management to evaluate
     progress toward meeting the organization’s
5.   Monitoring – continuous monitoring of the
     internal control process with appropriate
     modification made as deemed necessary.

COSO New Cube: Enterprise Risk Management

Source: See Apostolou and Crumbley, “ Sarbanes-Oxley
Fall-out Leads to Auditing Standards No. 2: Importance of Internal
Controls,” The Value Examiner, November/December 2004, pp. 55-60.
    Management Control Philosophy

   Fraudulent Financial Reporting more likely
    to occur if
   Firm has a poor management control philosophy.
   Weak control structures.
   Strong motive for engaging in financial statement

   Poor management philosophy:
   Large numbers of related party transactions.
   Continuing presence of the firm’s founder.
   Absence of a long-term institutional investor.

Source: Paul Dunn “Aspect of Management Control Philosophy that
   contributes to fraudulent Financial Reporting,” Journal of Forensic
   Accounting, Vol. IV (2003), pp. 35-60

     Segregation of Accounting Duties
          Effective segregation of accounting
           duties is achieved when the following
           functions are separated:
               Authorization—approving transactions and
               Recording—Preparing source documents;
                maintaining journals, ledgers, or other files;
                preparing reconciliations; and preparing
                performance reports.
               Custody—Handling cash, maintaining an
                inventory storeroom, receiving incoming
                customer checks, writing checks on the
                organization’s bank account.
          If any two of the preceding functions
           are the responsibility of one person,
           then problems can arise.

Source: Accounting Information Systems, 10e
Romney/Steinbart, PH                                             174
                   CONTROL ACTIVITIES
            CUSTODIAL                              RECORDING
              FUNCTIONS                              FUNCTIONS
    •     Handling cash                      •   Preparing source
    •     Handling                               documents
          inventories, tools, or             •   Maintaining journals,
          fixed assets                           ledgers, or other files
    •     Writing checks                     •   Preparing
    •     Receiving checks in                    reconciliations
          mail                               •   Preparing
                                                 performance reports
•       EXAMPLE OF
        PROBLEM: A person
        who has custody of
        cash receipts and the
        recording for those
        receipts can steal some
        of the cash and falsify
        accounts to conceal the
•       SOLUTION: The pink
        fence (segregation of       AUTHORIZATION
        custody and recording)          FUNCTIONS
        prevents employees         • Authorization of
        from falsifying records      transactions
        to conceal theft of
        assets entrusted to
                                   Source: Accounting Information
                                   Systems, 10e Romney/Steinbart, PH
        CUSTODIAL                                RECORDING
          FUNCTIONS                                FUNCTIONS
  •   Handling cash                   •       Preparing source
  •   Handling
      inventories, tools, or          •       Maintaining journals,
      fixed assets                            ledgers, or other files
  •   Writing checks                  •       Preparing
  •   Receiving checks in
      mail                            •       Preparing performance

                                          •    EXAMPLE OF
                                               PROBLEM: A person
                                               who has custody of
                                               checks for transactions
                                               that he has authorized
                                               can authorize fictitious
                                               transactions and then
                                               steal the payments.
                                          •    SOLUTION: The green
                                               fence (segregation of
                                               custody and
            AUTHORIZATION                      authorization) prevents
                FUNCTIONS                      employees from
           • Authorization of                  authorizing fictitious or
                                               inaccurate transactions
              transactions                     as a means of concealing
                                               a theft.

Source: Accounting Information Systems, 10e Romney/ Steinbart,
PH                                                                    176
    • Handling cash                      • Preparing source
    • Handling inventories,
      tools, or fixed assets             • Maintaining journals,
                                           ledgers, or other files
    • Writing checks
                                         • Preparing reconciliations
    • Receiving checks in mail
                                         • Preparing performance

      PROBLEM: A person who
      can authorize a transaction
      and keep records related to
      the transactions can
      authorize and record
      fictitious payments that
      might, for example, be sent
      to the employee’s home
      address or the address of a
      shell company he creates.
•     SOLUTION: The purple
      fence (segregation of
      recording and
      authorization) prevents
      employees from falsifying      AUTHORIZATION
      records to cover up                FUNCTIONS
      inaccurate or false
      transactions that were        • Authorization of
      inappropriately authorized.      transactions
Source: Accounting Information Systems, 10e Romney/Steinbart, PH   177
    Risk Assessment Benefits

        A major step in a forensic audit is to
conduct a risk assessment, which entails a
comprehensive review and analysis of program
operations in order to determine where risks
exists and what those risks are.
        Any operation developed during the risk
assessment process provides the foundation
or basis upon which management can
determine the nature and type of corrective
actions needed.
        A risk assessment helps an auditor to
target high-risk areas where the greatest
vulnerabilities exist and develop
recommendations to strength internal controls

Source: B.l. Derby, “Data Mining for Improper Payments,”
Journal of Government Management, Winter 2003,
Vol.52, No. 4, pp. 10-13.
     Fraud Risk Assessment

Ernst & Young report found that
organizations that had not
performed fraud vulnerability
reviews were almost two-thirds
more likely to have suffered a
fraud within the past 12 months.
J.W. Koletar, p. 167.

A company should have a fraud
risk assessment performed of
their controls, procedures,
systems, and operations. J.W.
Koletar, p. 166.

Sources: J.W. Koletar, Fraud Exposed, John Wiley &
Sons, 2003

   Fraud Risk-Assessment Process
1. Organize the assessment – integrate into
organization’s existing business cycle or
establish a separate cycle.
2. Determine areas to assess – conduct at
company wide, business-unit, and
significant-account levels.
3. Identify potential schemes and scenarios
– typically affecting the industry or
 Fraudulent financial reporting.
Misappropriation of assets.
Expenditures and liabilities for an
improper purpose (cash kickbacks and
Organization commits a fraud against
employees or third parties.
Tax fraud.
Financial misconduct by senior

     Fraud Risk-Assessment Process
4. Assess likelihood of fraud
Reasonably possible
5. Assess significance of risk
More than inconsequential
6. Link antifraud controls – identify the
control activities for fraud risks that are both
more than likely to occur and more than
inconsequential in amount.
7. Apply assessment results to the audit plan
– consider and document the results of the
fraud assessment when developing the audit

Source: Jonny Frank, “Fraud Risk Assessments,” Internal Auditor,
April, 2004, pp. 43-47.

    Swimming Lanes
              Mary Ben   Jane Sam

Controls       X               X

Entries in     X    X     X

Deposits            X          X

Does           X          X

Controls            X     X    X

Sophisticated Approaches

1.   The Quad Method
2.   The Staggered Box Method
3.   The Chessboard Method

     COSO Guidance

Risk Assessment Matrix

See COSO, “Guidance for Smaller
  Public Companies,”

     PCAOB’s AS2 Report:
1.    Failure to coordinate or integrate the
      AS2 audit of internal controls with the
      financial audit.
2.    Doing detail testing before the top
      down audit looking for the high risk
      areas (e.g., fishing).
3.    Inadequate consideration of the
      unique risk factors of the company
      (e.g., avoid the checklist mentality).
      Do not audit the low risk areas.
4.    Inefficient walkthroughs of
      transaction controls.
5.    Too little reliance on others.
6.    Insufficient evaluation of
      compensating controls when there is
      a discovery of control deficiencies.
7.    Inadequate testing of controls over
      financial statement presentation and

     GAP Analysis
Actual Internal Controls

Organization’s Stated Internal

Best Practice Internal Controls

     SAS No. 99 Types of Fraud

    Unlike errors, fraud is intentional and
    most often involves deliberate
    concealment of facts by management,
    employees, or third parties

   Fraudulent Financial Reporting: does
    not follow GAAP (e.g., recording
    fictitious sales)

   Misappropriation of Assets:
    embezzling receipts, stealing assets,
    or causing an entity to pay for goods
    or services that have not been

    Often accomplished by false or
    misleading records or documents,
    possibly created by circumventing
    internal controls.
Fraudulent financial reporting may
       occur by the following:
 Manipulation, falsification, or
    alteration of accounting
    records, or supporting
    documents from which
    financial statements are
 Misrepresentation in or
    intentional omission from the
    financial statements of events,
    transactions, or other
    significant information.
 Intentional misapplication of
    accounting principles relating
    to amounts, classification,
    manner of presentation, or
Source: SAS No. 99, “Consideration of Fraud in a
     Financial Statement Audit,” New York: AICPA
Enron’s crude oil trading operation based in
Valhalla, New York was fictitious, according
to one auditor. “It was pretend. It was a
playhouse. There were a lot of expensive
people working there, and it was impressive
looking, but it wasn’t legitimate work.
The traders were keeping two sets of
books, one for legitimate purposes – to
show Enron and auditors from Arthur
Andersen – one other set in which to record
their ill-gotten gains.

Source: Mimi Swartz and Sherron Watkins, Power
Failure, New York: Doubleday, 2003, p.31.

SAS No. 99 Ways to Overcome the Risk of
   Management Override of Controls

    Examining journal entries
     and other adjustments.
    Reviewing accounting
     estimates for bias,
     including a retrospective
     review of significant
     management estimates.
    Evaluating the business
     rationale for significant
     unusual transactions.

          Parmalat Deceptions
   Parmalat, an Italian diary company, had a
    nonexistence Bank of America bank
    account worth $4.83 billion. A SEC lawsuit
    asserts that Parmalat “engaged in one of
    the largest and most brazen corporate
    financial frauds in history.”
   Apparently, the auditors Grant Thornton
    relied on a fake Bank of America
    confirmation prepared by the company.
   SAS No. 99 does not prohibit clients from
    preparing confirmations.
   The fraud continued for more than a
    decade. At least $9 billion unaccounted for.
   Therefore, the audited company should not
    be in control of the confirmation process.
   The owner treated the public company as
    if it was his own bank account.
   An unaware phone operator was the fake
    chief executive of more than 25 affiliated
   Some $3.6 billion in bonds claimed to be
    repurchased had not really been bought.
   Enron issued $1.2 billion of stock to
    special purpose entities and recorded a
    $1.2 billion notes receivable (rather than
    a contra account to stockholders equity).
    Both assets and owners equity were
    overstated by $1.2 billion.
   HealthSouth allegedly overstated profits
    by at least $14 billion by billing Medicare
    for physical – therapy services the
    company never performed. The company
    submitted falsified documents to
    Medicare to verify the claims over 10
   E&Y collected $2.6 million from
    HealthSouth (as audit-related fees) to
    check the cleanliness and physical
    appearances of 1,800 facilities. A 50-
    point checklist was used by dozens of
    junior-level accountants in unannounced
    visits. For 2000, E&Y audit fee, $1.03
    million; other fees, $2.65 million.

    Embezzlement and Slush Funds
      Chung Mong-Koo, chairman of Hyundai Motor,
       South Korea’s largest carmaker, was sentenced to
       three years in prison in February 2007, for
       embezzlement, breach of trust, and secretively
       setting up slush funds.
      Mr. Chung embezzled about $100 million of
       company funds and inflicted about $224 million of
       damage on group affiliates during rights issues.
      Convicted of using deals to boost his financial gains
       and those of his son, who runs affiliate Kia Motors.
      Welcomed by corporate governance campaigners
       which showed that Korea would no longer tolerate
       chaebol owners using their companies to pursue
       their personal interests.
      Although he owned only 5%, he ran it as a family
       business. Employees were terrified of him.
       Whistleblower alerted authorities of the slush funds.

Song Jung-a, “Hyundai Chief’s Prison Term Compounds Woes of Car Giant,”
       Financial Times, February 6, 2007, p. 15.

  Journal Entries at Year End: Those Magic

Apparently,   Arthur Andersen was given
limited access to the general ledger at
WorldCom, which had a $11 billion fraud
(largest accounting fraud in history). Most of
the original entries for online costs were
properly placed into expense accounts.
However, near the end of the period these
entries were reversed. One such entry was as
Other Long-term Assets $629,000,000
Construction in Progress     $142,000,000
        Operating Line Costs
The support for this entry was a yellow post-
it note.
WorldCom’s outside auditors refused to
respond to some of Cynthia Cooper’s
questions and told her that the firm had
approved of some of the accounting methods
she questioned.
  Those Magic Changes: Yellow Peril

 Fourth Quarter of 1999: "The $239 million
[international line cost accrual release] was
entered in WorldCom's general ledger ... The only
support recorded for the entry was
'$239,000,000,' written on a Post-it Note and
attached to a printout of the entry."
 Third Quarter of 2001: "Myers gave Sethi a Post-
it Note that said 'Assume $742 million.' Later,
Myers and Sethi had a conversation confirming
that $742 million identified on the Post-it Note was
the line cost capitalization entry for the quarter.”


Those Magic Changes

“Oh my heart arranges, oh those magic changes,
 oooh yeah.”

                          Yellow Peril
  First Quarter of 2002: "In Capital Reporting,
Myers told Sethi to go see Vinson, who would
have the amount to be capitalized. When Sethi
did so, Vinson handed him a Post-it Note that had
the $818 million adjustment on it. Brian Higgins
once again refused to make the necessary
allocation for the first-quarter 2002 capitalization
entry. Despite his growing concerns, Sethi made
the allocation because he was concerned that his
immigration status would be jeopardized if he
lost his job."

 First Quarter 2002: "$109.4 million was taken
from the general accrual account that Vinson set
up and reclassified to several SG&A balance
sheet accounts in five large, round-dollar
amounts. The only supporting documentation that
we were able to locate for these entries was a
Post-it Note listing the various SG&A accounts
and the amounts that should be taken from the
Vinson account."

             Cooking-the-Books Often
               Collaborative Effort

•   For restatements between January 1,
    1997 to June 30, 2002, 45% were
    accused of securities fraud and subject
    to shareholder suits.

•   Average of 7 individuals were
    implicated, including
       General counsel
       Internal/external auditors

Source: Robert Tillman and Michael Indergaard, Control Overrides
    in Financial Statement Fraud.
       WorldCom Fraud Massive
   At least 40 people knew about the fraud.
   They were afraid to talk.
   Scott Sullivan handed out $10,000
    checks to 7 involved individuals.
   Altered key documents and denied
    Andersen access to the database where
    most of the sensitive numbers were
   Andersen did not complain about denied
   Company officials decided what tax
    rates they wanted and then used the
    reserves to arrive at the tax rates.

Source: Rebecca Blumenstein and Susan Pullian,
  “WorldCom Fraud Was Widespread,” Wall
  Street J., June 10, 2003, p. 3.

 WorldCom Fraud Massive (contd.)
   David Schneedan, CFO at a division,
    refused to release reserves twice.
   E-mail from David Myers, WorldCom
    comptroller, to Schneedan:
    “I guess the only way I am going to get
    this booked is to fly to DC and book it
    myself. Book it right now; I can not wait
    another minute.”
   Buddy Gates [director of general
    accounting] said to an employee
    complaining about a large accounting
    “Show those numbers to the damn
    auditors, and I’ll throw you out the
    f_____ window.”

Source: Rebecca Blumenstein and Susan Pullian,
   “WorldCom Fraud Was Widespread,” Wall Street J.,
   June 10, 2003, p. 3.

  Differences Between Auditing/Forensic

Auditing               Forensic

1. Recurring           1. Non-recurring
2. Express an          2. Resolve an
   opinion                allegation or
                          deterrence review
3. Follow GAAS         3. Follow consulting
   and SAS 99              standards
4. Materiality         4. Materiality not
   important              important
5. Sampling activity   5. Detailed financial
6. Use professional    6. Establish scienter
7. Audit program       7. No set of rules

         Financial Audit v. Forensic Audit

       The typical financial audit is a
sampling activity that doesn’t look at every
transaction and can therefore be exploited by
someone who knows how to rig the books.
        Forensic accounting focuses on a
specific aspect of the books and examines
every digit. While the average accountant is
trying to make everything add up, a forensic
accountant is performing a detailed financial
analysis to find out why everything doesn’t or
shouldn’t add up.
       It’s a far more time-consuming
enterprise and can be significantly more
expensive than regular auditing work.

Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,
ud.htm                                                      201
                            Pre SAS 99

                Consulting                      Auditing
                Standards                      Standards


                           Post SAS 99
               Consultin                        Auditing
                   g                            Standard
               Standards                            s

                  Traditional     Forensic
                 Investigatio   Procedures
                                                SAS 99
                      n         in the Audit

Source:AICPA, “Forensic Services, Audits, and Corporate
Governance: Bridging the Gap,” Discussion Memorandum,

      Steps Toward Forensic Audit

   Traditional audit [forensic
    techniques & fraud prevention
   If suspect fraud, bring in-house
    forensic talent into the audit.
   If no in-house talent or fraud
    complex, engage an outside
    forensic accountant (e.g., Cr.FA,
    CFFA, or CFD).
   As audit moves toward forensic
    investigation, auditor must
    comply with litigation services
    standards (consulting).

Inexperienced Forensic Auditors

   Find out who did it. Do not worry about
    all the endless details.

   Be creative, think like the fraudster, and
    do not be predictable. Lower the
    auditing threshold without notice.

   Take into consideration that fraud often
    involves conspiracy.

   Internal control lapses often occur
    during vacations, sick outages, days off,
    and rest breaks, especially when
    temporary personnel replace normal

H. R. Davia, Fraud 101, New York: John Wiley & Sons, 2000, pp.

 AICPA Audit Committee Toolkit

     “In some situations, it may be
necessary for an organization to look
beyond the independent audit team
for expertise in the fraud area. In
such cases, CPA forensic accounting
consultants can provide additional
assurance or advanced expertise,
since they have special training and
experience in fraud prevention,
deterrence, investigation, and
     Forensic accounting consultants
may also provide fresh insights into
the organization’s operation, control
systems, and risks. The work of
forensic accounting consultants may
also provide comfort for the
organization’s CEO and CFO, who are
required to file certifications under

    Types of Forensic Engagements

    Determine if fraud is occurring.
    Support criminal or civil action against
     dishonest individuals.
    Form a basis for terminating a
     dishonest employee.
    Support an insurance claim.
    Support defense of an accused
    Determine whether assets or income
     were hidden by a party to a legal
     proceeding (such as a bankruptcy or
    Identify internal controls to prevent it
     from happening again.
Source: D.R. Carmichael, et. al, Fraud Detection, 5th,
   Fort Worth: Practitioners Publishing, 2002, p. 2 – 4.

       Engagement Letters Are Important
•For claims to Continental Casualty Company the
 national provider of CPA malpractice insurance, in
 Tax, 48%          Compilation and bookkeeping, 15%
 Consulting, 11% Audit, 10%
 Fiduciary, 6% All Others, 5%
• Most accounting malpractices claims involve
  inadequate documentation.
• In claims re business tax, 54% of the time no
  engagement letter.
• For individual tax claims, no engagement letters
  78% of the time.
• Estate-related tax services, none, 63%.
• The most costly malpractice claims area is audit
• Almost 40% of all audit claims allege that an auditor
either failed to detect fraud or failed to inform the client of
internal control weakness to reduce the risk of fraud.

Source: Joseph Wolfe, “Accounting for Malpractice,” AICPA,
      Two Major Types of Fraud
   Reactive: Some reason to
    suspect fraud, or occurs after a
    significant loss.
   Proactive: First, preventive
    approach as a result of normal
    operations (e.g., review of
    internal controls or identify
    areas of fraud exposure). There
    is no reason to suspect fraud.
    Second, to detect indicia of

Source: H.R. Davia, “ Fraud Specific Auditing,” Journal of
   Forensic Accounting, Vol. 111, 2002, pp. 111-120
         Proactive Is Beneficial
   The threat of a future investigation reduces
    the occurrence of fraudulent behavior from
    75% to only 43%.

   The larger the pay-off, the more likely a
    person will commit fraudulent behavior.

   Give the fox a key to the hen house and
    he/ she is going to eat hens.

    Source: S. L. Tate et. al, “The Small Fraud Paradigm: An
    Examination of Situational Factors That Influence the
    Non-Reporting of Payment Errors,” J. of Forensic
    Accounting, Vol.7, 2006, p. 406.


    The greater the risk of detection, the less
    likely a person is to violate the law.

                                       Jeremy Bentham
                                       18th Century Philosopher

Proactive vs. Reactive Approaches

Proactive approaches include
 Effective internal controls,
 Financial and operational
 Intelligence gathering,
 Logging of exceptions, and
 Reviewing variances.

Reactive detection techniques
 Investigating complaints and
 Intuition, and
 Suspicion.

Jack Bologna and Robert Lindquist, Fraud Auditing and Forensic Accounting,
     2d Edition, New York: John Wiley, 1995, p. 137.
           Proactive Is Best
   When the IRS began requiring banks
    to issue Form 1099s reporting interest,
    the reported interest income increased
    by $8 billion (even though for 3 years
    the IRS did not have computer
    matching capacity).
   When the IRS began to require
    taxpayers to list a social security
    number for dependents, the next year
    the number of reported dependents
    dropped by seven million. More than
    11,000 of these taxpayers claimed
    seven or more dependents in 1986, but
    they claimed none in 1987.
   When the IRS began to require
    taxpayers to list a name, address, and
    social security number for babysitters,
    two years later 2.6 million babysitters
Fraud Deterrence Better Than Fraud

 1.   Fraud deterrence less
 2.   Deterrence is more
 3.   Fraud deterrence produces
      greater savings.
 4.   Deterrence is faster.
 5.   Fraud deterrence promotes
      better customer relations.

      Daniel Finnegan, “Deterring Fraud,” Quality Planning
      Corporation, 1991.

     Insurance Fraud Equations
1st Law of Fraud Control:
      An illusion of effective investigation deters
      fraud, in turn making possible the reality of
      effective investigation, thereby perpetuating

Evil Twin Corollary:
       When deterrence fails, fraud grows to levels
       that overwhelm enforcement capacities, in
       turn undermining deterrence.

2nd Law of Fraud Control:
      Fraud happens when anticipated income is
      greater than expected costs.

      Anticipated income = Award x Opportunity x

2nd Corollary:
      Fraud is eliminated when potential
      perpetrators believe the costs of fraud are
      greater than income.

      Daniel Finnegan, “Deterring Fraud,” Quality Planning Corporation,

       Is Company Proactive?
   Fraud hotline (reduce fraud losses
    by 50% re Wells 2002 Report).
   Suggestion boxes.
   Make everyone take vacations.
   People at top must set ethical
   Widely known code of conduct.
   Check those employee references.
   Reconcile all bank statements.
   Count the cash twice in the same
   Unannounced inventory counts.
   Fraud risk assessment (CFD).

    $7.4 Billion Losses at Societe Generale
•    Jerome Kerviel evaded all of the French bank’s
     controls to bet $73.5 billion on European markets –
     more than the bank’s market value. Six year
     employee; junior employee.
•    Kerviel reported to work early, stayed late, and took
     only 4 days off in 2007. In France six weeks of
     vacation is fashionable.
•    Starting in early 2005, he made small unauthorized
     trades. The bank missed the illicit trades and the red
•    Kerviel described growing increasingly daring after
     no one at the bank detected a series of small,
     unauthorized trades that he placed.
•    He entered fictitious and offsetting trades to
     minimize the odd of big losses.
•    He stole other people’s computer access codes,
     falsified documents, and employed other methods to
     cover his tracks.
•    He had an excellent understanding of the bank’s
     processing and control procedures so he could
     circumvent all of the controls.
•    His motive: quest for glory and a bonus.

              Some Hints
   Need to really understand the business
    unit. What they really do.
   Have a mandatory vacation policy.
   Rotation of assignments.
   Have a written/signed ethics policy.
   Do things differently each time you
    audit a unit.
   Do not tell client what you are doing.
   Hard to find fraud in the books.
    Look/listen. Look for life style
   Do not rely on internal controls to
    deter fraud.
   Auditors must have control of the
    confirmation process.
   Careful of related parties.
   Careful of “trusted” employees.
   Pay employees to report fraud.

        Related Parties

   Nikko Cordial (Japan) fined for
    failure to consolidate a special-
    purpose entity that was 100%
    owned by its subsidiary and for
    falsifying the timing of an
    exchange bond issue (2007).

   Created Y14.5 billion in net profit.

   Independent panel reviewed
    507,000 e-mails.

           Stamp Mates

   Afinsa, a Spanish stamp company,
    controls 72% of Escala, a U.S. company
    (formerly Greg Manning Auctions).
   Escala says all sales to Afinsa takes place
    at independent established prices.
   But Escala’s reported gross margin on
    stamp sales to Afinsa exceeds 44% [like
    land flipping].
   Compared to less than 14% on those to
    other clients.
   Therefore, Escala was manipulating the
    value of stamps sold to Afinsa to
    artificially boost its own bottom line.
   Escala’s stock fell from $32 to $5 in five
    days after the May 8, 2006 arrests of
    seven executives. Police found $12.6
    million behind one dealer’s freshly
    plastered walls in his home (e.g.,
    unreported profits?).
   Escala owns A-Mark Precious Metals,
    which buys and distributed more than
    one-half of the gold coins handed each
    year by the U.S. mint.

     Fraud Deterrence Review
Analysis  of selected records and
 operating statistics.
Identify operating and control
Proactively identify the control structure
 in place to help prevent fraud and
 operate efficiently.
Not an audit; does not express an
 opinion as to financial statements.
May not find all fraud especially where
 two or more people secretively agree to
 purposely deceive with false statements
 or by falsifying documents.
[Always get a comprehensive, signed
 engagement letter defining objectives.]

               Fraud Detection Process

1.    Discuss facts and objectives with client/attorney (e.g.,
      conflict of interests).
2.    Evaluation whether to accept the engagement.
3.    Prepare a work program.
4.    Develop time and fee schedule.
5.    Obtain approval of work program, staff assignments,
      and fee estimates.
6.    Obtain an engagement letter.
7/8. Identify fraud exposures and symptoms.
9/10. Evaluate evidence obtained and determine if more
      evidence is needed.
11/12. Search for and evaluate additional evidence.
13.   Discuss preliminary findings with client/attorney.
14.   Draft a final report.
15.   Review the report and work papers.
16.   Resolve professional disputes.
17.   Clear review points and open items.
18.   Communicate report or findings.
19.   Help attorney prepare court case/testify.
20.   Perform follow-up procedure.
21.   File work papers/report.

Source: Carmichael et. al, PPC Fraud Detection, Vol.1, Ch. 2 (2002).

          Financial Audit v. Forensic Audit

“ During one investigation, we found in the auditing
     working papers written in the margin of the
     internal audit working papers by the internal audit
     manager: ‘Conceal from bankers,’ says Nicholas L.
     Feakins, CPA, partner at San Mataeo, Calif based
     forensic accounting firm Feakins & Feakins. “ It
     sounds amazing, but the [third-party] auditors has
     put B-level staff on the project who simply didn’t
     read the documents and missed it.”
MiniScribe, one of the world’s largest disk-drive
     makers, which in the late 1980s was
     surreptitiously shipping bricks instead of disk
     drives to the Far East and receiving credit from the
     bank for the amount of the shipments. “After all,”
     he says “it’s going to be 90 days until they ship the
     brick back to you. “MiniScribe’s public accounting
     firm, Coopers & Lybrand, didn’t catch the false-
     revenue scam during its regular audits-but a
     forensic accountant did.”

Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,
                            Materiality Unimportant

        “Auditing is governed by materiality. In
        investigative accounting, it is the opposite.
        I am looking for one transaction that will be
        the key. The one transaction that is a little
        different, no matter how small the
        difference, and that will open the door.”
        Lorraine Horton, owner of L. Horton & Associates in Kingston, R.I.

“Fraud usually starts small. It begins with little
   amounts, because the perpetrator is going
   to test the system. If they get away with it,
   then they keep on increasing and
   increasing it.”
                                             Robert J. DiPasquale

Source: H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
    Accountant, February 2004, pp. 23-28.

       Forensic Accounting v. Auditing

“Forensic accounting is very different from
auditing in that there is no template to use.
There are no set rules. You don’t know when
you go into a job how it is going to be.”
             Lorraine Horton, Kingston, R.I
“Forensic accounting “is a very competitive
 field. What is interesting is that you may be a
 good accountant, but not a good forensic
 accountant. The training and the way you look
 at transactions are different.”
          Robert J. DiPasquale, Parsippany, N.J.
“Unlike auditing, lower-level staff often can’t
 be used for an engagement. They normally will
 not spot anything out of the ordinary, and an
 experienced person should be the one testifying
 as well as doing the investigative work.”
Lorraine Horton, Kingston, R.I.

Source; H.W. Wolosky, “Forensic Accounting to the Forefront,”
 Practical Accountant, February 2004, pp. 23-28.

SAS No. 99 Recommendations

   Brainstorming.
   Increased emphasis on professional
   Discussions with management.
   Unpredictable audit tests.
   Responding to management override of


   An attitude that includes a
    questioning mind and a critical
    assessment of audit evidence.
   An auditor is instructed to conduct
    an audit “with a questioning mind
    that recognizes the possibility that
    a material misstatement due to
    fraud could be present, regardless
    of any past experience with the
    entity and regardless of the
    auditor’s belief about
    management’s honesty and
   “Things are not always as they
    appear, sonny boy.” James
    Patterson, Honeymoon, Warner
    Books, 2006.

Ronald Reagan said with respect to
Russia, “Trust, but verify.”

FA’s motto should be “Trust no
one; question everything; verify.”
This ain’t my first rodeo
I didn’t make it all the way through
But my mama didn’t raise no fool.
I may not be the Einstein of our time.
But honey, I’m not dumb and I’m not
                                               Vern Gosdin
    SAS No. 99: Questions for Management

    Whether management has knowledge of any fraud
     that has been perpetrated or any alleged or
     suspected fraud.
    Whether management is aware of allegations of
     fraud, for example, because of communications
     from employees, former employees, analysts, short
     sellers, or other investors.
    Management’s understanding about the risks of
     fraud in the entity, including any specific fraud
     risks the entity has identified or account balances or
     classes of transactions for which a risk of fraud may
     be likely to exist.
    Programs and controls the entity has established to
     mitigate specific fraud risks the entity has
     identified, or that otherwise help prevent, deter, and
     detect fraud, and how management monitors those
     programs and controls.
    For an entity with multiple locations, (a) the nature
     and extent of monitoring of operating locations or
     business segments, and (b) whether there are
     particular operating locations or business segments
     for which a risk of fraud may be more likely to
    Whether and how management communicates to
     employees its views on business practices and
     ethical behavior.

   Assume there may be wrong
   The person may not be
   The document may be altered.
   The document may be a
   Officers may override internal
   Try to think like a crook.
   Think outside
    the box.

      SAS No. 99: Brainstorming
Aims to make the auditor’s consideration
  of fraud seamlessly blended into the
  audit process and continually updated
  until the audit’s completion.
Brainstorming is now a required
  procedure to generate ideas about how
  fraud might be committed and
  concealed in the entity.
 No ideas or questions are dumb.

 No one owns ideas.

 There is no hierarchy.

 Excessive note-taking is not allowed.

Source: Michael Ramos, “Auditors’ Responsibility for Fraud
  Detection,” J. of Accountancy, January, 2003, pp. 28 – 36.

                 More Brainstorming

 Best to write ideas down, rather than say
  them out loud.
 Take plenty of breaks.
 Best ideas come at the end of session.
 Important to not define the problem too
  narrow or too broad.
 Goal should be quantity, not quality.
 Geniuses develop their most innovative
  ideas when they are generating the greatest
  number of ideas.
 No such things as bad ideas.
 Many companies are great at coming up
  with good ideas, but lousy at evaluating and
  implementing them.

Source: A.S. Wellner, “Strategies: A Perfect Brainstorm,” Inc.
  Magazine, October 2003, pp. 31-35

               Potential Pitfalls
      Group domination: one or two
       participants dominating the process
       can quickly squelch the creative
       energies of the groups as a whole,
       reducing the likelihood the team will
       identify any actual fraud risks.
      Social loafing: participants disengage
       from the process, expecting other
       team members to pick up the slack.
      Groupthink: team members become
       so concerned with reaching
       consensus that they fail to
       realistically evaluate all ideas or
      Group shift: avoid allowing the team
       to take an extreme position on fraud
Source: M.S. Beasley and J.G. Jenkins, “A Primer for Brainstorming
       Fraud Risks,” Journal of Accountancy, December 2003, pp. 33-
    Three Types of Brainstorming
     Open brainstorming: unstructured; few
      rules; free-for-all; someone should
      record ideas.
     Round-robin brainstorming: start with
      no talking, silent period; assigned
      homework ahead; each individual
      presents own ideas; each member has
      a turn.
     Electronic brainstorming: shortens
      meetings, increases ideas, and
      reduces personalizing ideas because
      an idea’s author remains anonymous.

Source: M.S. Beasley and J.G. Jenkins, “A Primer for
      Brainstorming Fraud Risks,” Journal of Accountancy,
      December 2003, pp. 33-34.

How Management Overrides Controls
         (SAS No. 99)

    Recording fictitious journal
     entries (especially near end of
     quarter or year).
    Intentionally biasing
     assumptions and judgments
     used to estimate accounts
     (e.g., pension plan
     assumptions or bad debt
    Altering records and terms
     related to important and
     unusual transactions.

               Bias Assumptions

      There are almost as many oil/gas
       reserve definitions as there are
      During the first week of January
       2004, Royal Dutch/Shell Group
       slashed its estimates of oil reserves
       by 20% or about 3.9 billion barrels
       of oil.
      Stock fell 9%.
      Shell, Exxon/Mobil, and
       Chevron/Texaco make the
       estimates themselves.
      By the end of 2002, a total of 4.47
       billion barrels cut; another 1.4
       billion barrel cut in 2003.
Source: Susan Warren and P.A. Mckay, “Methods for Citing Oil
       Reserves Prove Unrefined,” Wall Street Journal, January 14,
       2004, p. C-4. Chip Cummins, “Shell Slashes Oil Reserves
       Again, News Overshadows Profit Surge,” WSJ, February 4,
       2005, p. A-3

     Shell Board Kept In the Dark

      One memo drafted on February 11,
       2002, warned that about one billion
       barrels of oil-equivalent reserves
       appeared not to be in compliance
       with SEC guidelines.
       Board learned of information only in
       early January 2004.
      Chairman Sir Philip was ousted in
       early March 2004.
      Most of the misstated reserves were
       recorded from 1997 to 2000, when
       Sir Philip was in change of
       exploration and production.
      Oil/gas reserves were increased (not
       by discovery) by changing its
Source: Stephen Labaton and Jeff Gerth, “At Shell, New Accounting
       and Rosier Oil Outlook,” New York Times, March 12, 2004, pp.
       A-1 and C-4.
The SEC has recently adopted the
proactive strategy of “wildcatting”
where investigations into entire
industries and business sectors are
begun after evidence emerges from
only one company in the group
regarding financial reporting problems.

Over time, the PCAOB will probably
be able to identify peculiarities within
existing or evolving industries that
require either standard setting or
regulatory attention, or both.
Source: Berton, L., “U.S. Accounting Watchdogs Try to Shut Barn Door,”, April 2, 2004; J.H. Edwards, “Audit Committees: The Last
Best Hope,” Journal of Forensic Accounting, Vol. IV (2004), pp. 1-20.

An auditor must perform a walkthrough of a
company’s significant processes (each major
class of transactions).

Can not be achieved secondhand.

According to PCAOB, in a walkthrough an auditor
traces “company transactions and events – both
those that are routine and recurring and those
that are unusual – from origination, through the
company’s accounting and information systems
and financial report preparation processes, to
their being reported in the company’s financial

Auditors should perform their own walkthroughs
which provides auditors with appropriate
evidence to make an intelligent assessment of
internal controls.

Source: PCAOB Briefing Paper, Proposed Auditing Standards, October 7, 2003.

Slot Machine Example

Revenue Flows

          Wandering Around
• Informal observations while in the
• Especially valuable when assessing the
  internal controls.
• Observe employees while entering and
  leaving work and while on lunch
• Observe posted material, instructions,
  job postings.
• Observe information security and
• Observe the compliance with
• Appearance is not necessarily reality.
  Man of La Mancha
 New Terms in Financial Reports:
 Deficiencies Have No Bright Lines

Control deficiency – one that might allow a
   bad number to get into the financial
   reports (e.g., the likelihood that a
   company misstates reports is remote– 1
   out of 20).
   Example: company does not check
  changes made by a salesman in a minor

Significant deficiency – more serious flaw
   or a number of flaws that increase the
   chances that wrong numbers will
   significantly distort financial statements
   (e.g., more than remote).
  Example: company not checking for
   changes to terms of several key
  Need only to report to BOD, but some
   companies are making them public.

   Deficiencies Have No Bright Lines

  Material weakness – deficiencies are so
   bad that there is more than a remote
   change of a material misstatement in
   financial statements.
  Example: a bank does not regularly
   check for errors in estimating loan-loss
   expenses (i.e., Fannie Mae reported a
   $1.3 billion error from its computer
   model, many in an uncontrolled
  They must be reported.
    David Henry, “How Clean Are the Books?” Business Week, March 7,
   2005, pp. 108-109.
     Firms that reported material
     weaknesses in tax accounting lost an
     average of 5.8% of their stock value 60
     days after the announcement.
     As of 11-14-05, 695 companies have
     disclosed material weaknesses in their
     annual report.
     Material Weakness Areas

 AREAS OF FAILURE                    2005           2004
 Tax accruals/ deferrals            34.5%           32.0%
 Revenue recognition                 28.4           31.3
 Inventory/ vendor cost of sales     23.7           27.4

 Fixed/ Intangible assets            16.0           18.6
 Leases or contingencies              9.3           16.8
 Cash flow (FAS 95 error)             8.8             --
 Consolidation (Fin 46 issues)        6.7            9.0

*10% of corporate filers in 2005 and 16% in 2004.

In 2007, 400 companies reported them.
In 2008, only 14 material weaknesses at 11 companies.


           Think Like A Crook

   Know your enemy as you know yourself,
    and you can fight a hundred battles with
    no danger of defeat.” Chinese Proverb.
   Military leaders study past battles.
   Football and basketball teams study
    game films of their opponents.
   Chess players try to anticipate the moves
    of their opponent.

Examples: If contracts above $40,000 are
   normally audited each year, check the
   contracts between $30,000-$40,000.
  FAs must learn the tricks of the trade as
   well as the trade.

      Think Outside the Box

American astronauts returning from
space complained that they could
not write with their pens in zero
gravity. NASA set aside $1 million
to develop a sophisticated pen that
would function in space.
The Russians encountered the same
problem. What did they do?

       Investigative Techniques

“Facts weren’t the most important part
 of an investigation, the glue was. He
 said the glue was made of instinct,
 imagination, sometimes guesswork and
 most times just plain luck.” (p. 163).
“In his job, he [Bosch] learned a lot
 about people from their rooms, the way
 they lived. Often the people could no
 longer tell him themselves. So he
 learned from his observations and
 believed that he was good at it.” (p. 31).
Michael Connelly, The Black Ice, St. Martin’s
Paperbacks, 1993.

     Three Major Phases of Fraud

1. The Act itself.
2. The concealment of the fraud (in financial
3. Conversion of stolen assets to personal use
   (interest free loans to Tyco executives
One can study any one of these phases.

 Things being stolen: conduct surveillance
  and catch fraudster.
 If liabilities being hidden, look at financial
  statements for concealment.
 If fraudster has unexpected change in
  financial status, look for source of wealth.

Source: Cindy Durtschi, “The Tallahassee Bean
   Counters: A Problem-Based Learning Case in
   Forensic Audit,” Issues in Accounting Education, Vol.
   18, No. 2, May 2003, pp. 137-173.

       Fraud Hypothesis Testing Approach
         Here a forensic accountant attempts to pro-
actively detect fraud that is still undiscovered by
formulating and testing null hypotheses. This proactive
technique requires an forensic investigator to
1. Identify the frauds that may exist in a particular
2.Formulate null hypotheses stating that the frauds do not
3.Identify the red flags that each of the frauds would
4.Design customized queries to search for the specific red
flags or combination of red flags.
In a refinery, three authors report that after a formalized
pro-active search for red flags, some unknown frauds
were discovered. But applying generic data mining
programs to the company’s database to detect fraud
resulted in a number of Type II errors. So in order to be
useful the red flags had to be fraud and company specific.

C.C. Albercht, W.S. Albercht, and J.G. Dunn, “Conducting a Pro-Active
Fraud Audit: A Case Study,” Journal of Forensic Accounting, Vol. 11,
2000, pp. 203-218

    The Methods - Frequency

   Asset misappropriation
    accounted for more than four out
    of five offenses or 88.7% in
    2008 (91.5% in 2006) (92.7% in
    2004). $150,000
   Bribery and corruption
    constituted about 27.4% (30.8%
    in 2006) (30.1% in 2004) of
    offenses. $375,000 ($538,000)
   Fraudulent statements were the
    smallest category of offense
    10.3% in 2008 (10.6% in 2006)
    (7.9% in 2004) (most costly). $2
    million per scheme.
Source: 2008 Wells Report, ACFE.

   Restatements of Financial Statements
           2007            1,109
           2006            1,420 (10%)
           2005            1,195 (8.5%)
           2004            650
           2003            514
           2002            330
           2001            270
           1999            216
           1998            158

               Average restatement

           2005           $21.33 million
           2006             17.8 million
           2007             3.64 million

General Electric, 2007, $341 million adjustment.
     Class Action Securities Fraud Actions

        Year                                    Year
        2007                176                 2000               216
        2006                118                 1999               209
        2005                182                 1998               242
        2004                237                 1997               173
        2003                226                 1996               111
        2002                266                 1995               188
        2001                498

 Although the number of shareholder class
 action lawsuits have gone down,
 settlements are now much bigger (average
 $65 million). Unions and retirement funds
 are playing an increasing role, resulting in
 much higher settlements.
Stanford Law School Securities Class Action Clearing House,; “Classier Actions,” The Economist, February 17,
2007, pp. 76-77.
    Auditors Must be Alert for:

   Concealment
   Collusion
   Evidence
   Confirmations
   Forgery
   Analytical relationships

Source: Gary Zeune, “The Pros and Cons.”
“Things are not what you think they
    are.” Al Pacino, “The Recruit.”

An Average of Seven People Involved

 Authors Robert Tillman and
  Michael Indergaard found that of
  the 834 companies that issued
  restatements between January 1,
  1997 and June 30, 2002, 374 or
  45% were accused of securities
 An average of 7 persons were
  normally involved – CEOs, CFOs,
  COOs, general counsel, directors,
  and internal and external auditors.

         Anti-Fraud Measures –
     Months to Detect – Median Loss

                            YES        NO
1.    Hotlines            $100,000   $200,000
                            (15)       (24)
2.    Internal audits    $120,000    $218,000
                           (18)        (24)
3.    External audits     $181,000   $125,000
                            (23)       (18)
4.    Surprise audits     $100,000   $200,000
                            (15)       (24)
5.    Fraud awareness/    $100,000   $200,000
      Ethics Training       (15)       (24)

Source: 2006 Wells Report, ACFE.

Median Duration of Fraud Based
   on Scheme Type - 2008

 Source: 2008 Wells Report, ACFE.
       Executions for Fraud?
   In September 2004, Wang Liming, a
    onetime accounting officer at China
    Construction, and two other bank
    employees were executed for
    defrauding the bank of $2.4 million.
   In an unrelated corruption case, an
    officer at the Zhuhai branch of the
    Bank of China was put to death.

    John Goff, “Bank Fraud Brings Executions,” CFO,
    November 2004, p.20.

                “Nail them to the wall.
             Give me the hammer, and I’ll
                Nail them to the wall.”

                   Willy Stark (Governor Huey Long) in
                           “All the Kings’ Men.”

       Roadmap For An Embezzler: 14 Ways
1. Sam diverted payroll taxes meant for the IRS to
   himself through a dummy account. He switched
   the IRS correspondence address to his home,
   hiding the default letters. He carried on an
   extensive letter-writing campaign with the IRS to
   confuse and delay action. He made back
   payments, disguising them to us as current
2. He set up dummy bank accounts to skim funds
   before they made their way into legitimate
3. Sam got one employee fired for doing “sloppy
   management,” which “lost” some deposits. Of
   course, Sam gave me the “proof” that this
   employee was incompetent.
4. He refocused attention by pointing fingers at
   “slow payers” on our accounts receivable. He
   claimed that some people had never paid (they
   had) and that he had sent them to collections (he
   hadn’t). Of course, his records showed that their
   payments had never made it into our account
   (they went into a dummy account.)

 Source: Bev Harris, “How to Embezzle a Fortune,”
Roadmap For An Embezzler: 14 Ways (contd …)

5.    He stole postage and then “reported” it, to alert
      me that he was honest; if anything was amiss, I
      would then blame others (and he offered his
      opinions on the least trustworthy employees).
6.    He diverted bank statements to his home and
      altered them before filing them at the office.
7.    Sam volunteered to run daily deposits to the
      bank, skimming off the cash and changing the
      deposit tickets.
8.    He made reimbursements to himself and his wife
      for “business expenses” that didn’t exist.
9.    Sam set up his landlord, once or twice a year, as
      an accounts payable.
10.   A fax machine was stolen from the office. Also a
      TV and VCR. He was supposedly the first to
      arrive; he hastened to point out the broken
      window. He personally handled the police
      report. (I doubt that anyone broke in; the
      window was high up and fairly small.)

 Source: Bev Harris, “How to Embezzle a Fortune,”
Roadmap For An Embezzler: 14 Ways (contd …)

11.   He put his wife on the payroll (a sweet woman
      who divorced him when she found what he
      really was). He “miscalculated” withholding to
      overpay her, and adjusted her W-2s downward
      to match. She was hourly, so he also padded
      her hours by $20 to $50 per pay period, and
      altered the time log sheets. We figured that
      over the course of four years, he overpaid her
      by at least $3,000. Of course, he was in
      charge of their family finances, and he
      deposited all her checks.
12.   Sam double-reimbursed himself for legitimate
      Here’s how:
      He would list perhaps four expenditures on
      one voucher, three on another. So the first
      would say “Office Depot, $21.64; Kinkos,
      $18.92; Office Depot, $39.12; Office Depot,
      $16.10.” A month or two later, one would
      show up like this: “Kinkos, $11.30; Office
      Depot, $39.12; Shay Office equipment,
 Source: Bev Harris, “How to Embezzle a Fortune,”
Roadmap For An Embezzler: 14 Ways (contd …)

      Yes, receipts were stapled to the voucher, and
      all the vouchers/receipts added up. Here’s
      how he handled that: for some vendors he
      copied receipts by running them through an
      old fax machine that used thermal paper. He
      made two copies for double submissions.
      Many cash registers use thermal paper, so the
      receipts looked real. This technique survived
      an outside audit.
13.   Increasingly arrogant, he began making
      “phone-authorized” wire transfers out of
      company accounts into his personal checking
14.   Sam did an amazing job of doctoring the
      financial statements. (If this man spent half
      the effort on legitimate pursuits that he did on
      embezzling, he’d be a millionaire instead of an

 Source: Bev Harris, “How to Embezzle a Fortune,”
Code of Ethics Required by Sarbanes-Oxley

  Section 406: Public issuer has to
      adopt a code of ethics for senior
      financial officers to deter wrong –
      doing and to promote
  1.  Honest and ethical conduct.
  2.  Full, fair, accurate, timely and
      understandable disclosure in SEC
  3.  Compliance with government
      laws, rules, and regulations.
  4.  Prompt internal reporting code
  5.  Accountability for adherence to
      the code.

          More Hints …
   Check employee
   Stop giving the employee/client the
    answer when you ask a question.
   Zero tolerance for allowing
    employee/executive to get away
    with anything.
   Always reconcile the bank
   Try to think like a criminal.
   Get inside the criminal’s mind. Be a
   Do not assume you have honest
   Bond employees.
   Uni-ball gel pens.
            Source: Gary Zeune

              Auditing Hints
• SAS No. 99 does not require auditors to make
  inquiries of “others,” as opposed to
  management. Auditors must talk to and
  interview others below management level. If
  asked, employees may be willing to report
  suspicious activities.
• Use independent sources for evaluating
  management (e.g., financial analysts). Surf
  the internet.
• Auditors need to follow the performance
  history of managers and directors.
• If a company has an anonymous reporting
  system, obtain information about the
  incidents reported and consider them when
  assessing fraud risk.
• Be sure to perform analytical procedures, and
  the work should be reviewed by senior
  members of the audit team.                  263
           Auditing Hints (cont.)

• Auditors should select sample items below
  their normal testing scope (e.g., HealthSouth).
• Fraud procedures should be more than
  checklists. Audits should focus on finding and
  detecting fraud.
• Ask for and review all “top drawer” entries.
• Ask for and review all side agreements.

Check References and Resume

Fraud 101: Fraudsters can
change their job and address, but
they can not change who they

         Integrity Testing
   Pre-employment drug testing.
   Post-employment drug testing
    more sensitive.
   Pre-employment polygraph tests
    prohibited by 1988 Act (Federal,
    State, Local Governments and
    Federal Contractors exempted
    from the Act).
   Written integrity tests.

       Lavish Executive Pay
     Many of the companies indicted by
      the SEC after Enron had one thing
      in common: CEOs were making
      about 75% above their peers.
     The common thread among the
      companies with the worst corporate
      governance is richly compensated
      top executives, as per the
      Corporate Library, Portland, Maine
      governance-research firm. Hefty
      pay checks and perks to current or
      former chief executives.
     Poor BODs have in common: an
      inability to say no to current or
      former chief executives.

Source: Monica Langley, “Big Companies Get Low
     Marks for Lavish Executive Pay,” Wall Street J.,
     June 9, 2003, p. C-1.

               Compensation Facts
• CEOs compensation components have increased
dramatically in the 1990 [mean of $1.68 million in 1992 to
43.2 million in 2000] even after the passage of IRC Section
162 (m) in 1993 [$1 million limit].
Balsam, S. 2002. An Introduction to Executive Compensation. San Diego, CA:
The Academic Press.

• Compensation increases when the CEO has influence
over the outside directors, as measured by the percentage
of outside directors appointed by the CEO.
Core, J.E, Holthausen, R and Larcker, D. 1999. Corporate governance, chief
executive officer compensation, and firm performance, Journal of Financial
Economic 51: 371-406

• CEO compensation is higher when the CEO’s tenure is
greater than the chair of the compensation committee.
Main, B., O’Reilly, C, and Wade, J. 1995. The CEO, the board of directors and
executive compensation: economic and psychological perspectives, Industrial
and Corporate Change 4: 293-332.

• The relation between the change in CEO cash
compensation and stock returns weaken with tenure.
Hill, C. and Phan, P. 1991. CEO tenure as a determinant of CEO pay. Academy
of Management Journal 34: 707-711

• The greater the percentage of outside board members
appointed after the CEO, the more likely the CEO will
have a golden parachute.
Wade, J., O’Reilly, C, and Chandratat, I. 1990 Golden parachutes: CEOs and the
exercise of social influence. Administrative Science Quarterly 35:587-603

    External Fraud-Shoplifting
It’s not just stars (e.g., Bess
Myerson, Hedy Lamarr, and may
be Winona Ryder). Why, each
year, ordinary people shoplift $13
billion of lipstick, batteries, and
bikinis from stores (last year $26
to $33 billion). May account for
one-third of total inventory

800,000 times a day the thrills
and temptations win over fear – a
product of the late 19th century
with the larger stores.
Source: Jerry Adler, “The Thrill of Theft,” Newsweek,
February, 2002.

        Impaired Independence
     The independence of the auditor will probably be
     impaired and reduce the quality of financial
     statement audits, if any of the following conditions
     occur during financial statement audits:

1)   auditor’s excessive personal loyalty to the audit
2)   auditor’s fear of losing client to a competitive CPA,
3)   auditor’s fear of a lawsuit if CPA withdraws from
     audit engagement,
4)   auditor’s fear of harming client with audit opinion
     other than unqualified, and
5)   auditor’s conflict between consulting and auditing
     services offered.

     G. D. Moyes and A. Anandarajan, “CPAs’ Perceptions of Factors Influencing the
     Quality of Financial Statement Audits: Substandard Performance and Impaired
     Independence,” J. of Forensic Accounting, Vol. 7, 2006, p. 133.

   Earnings Management
Earnings management may be defined as
the “purposeful intervention in the
external financial reporting process, with
the intent of obtaining some private gain.”

– Katharine Schipper, “Commentary on Earnings
Management,” Accounting Horizon, December 1989, p. 92.

Earnings management occurs when
managers use judgments in financial
reporting and in structuring transactions to
alter financial reports to either mislead some
stakeholders about the underlying economic
performance of the company, or to influence
contractual outcomes that depend on
reported accounting numbers.

                                P. Healy and J. Wahlen

      Earnings Management
The difference between earnings
management and financial
statement fraud is the thickness of
a prison wall.
           D. Larry Crumbley
The difference between earnings
management and financial
statement fraud is like the
difference between lightning and a
lightning bug.
           D. Larry Crumbley

     Capital Market Incentives to
          Manage Earnings
1.   Management buyout firms, on average, manage their
     earnings downward prior to the buyout.
2.   Roughly 12 percent of firms making seasoned or initial
     equity offerings manage their earnings upward by about 5%
     of total assets prior to the offers.
3.   Firms who are in danger of failing to meet management
     earnings forecasts, on average, manage their earnings
     upward prior to releasing the annual earnings figure.
4.   Firms, on average, manage their earnings to meet or beat
     expectations of financial analysts.
5.   Firms that meet or beat analysts’ expectations earn about
     8% incremental annual market-adjusted returns relative to
     firms that fail to do so.
6.   Firms with zero or a positive earnings surprise earn
     incremental quarterly returns of 2.3%, and firms with
     positive earnings surprise earn further incremental quarterly
     returns of 3.4%.
7.   About 40% of firms confronted with reporting slight losses
     tend to manage their earnings in order to report positive
8.   About 12% of firms confronted with reporting slight earnings
     decreases tend to manage their earnings in order to report
     small earnings increases.
9.   Investors do not see through most earnings management as
     evidenced by the fact that firms flagged for earnings
     management by regulators show an average stock price
     decline of 9%.

Source: Masser Spears, “The Impact of Earnings Mgt. on the Credibility of
     Corporate Financial Reporting,” Petroleum Acctg. and Financial
     Mgt., Summer 2007, pp. 47-48.

       Contracting Incentives to
          Manage Earnings
1.   There is no evidence of earnings
     management behavior by firms close to their
     dividend covenant. Instead, these firms tend
     to manage their cash flows.

2.   There is inconclusive (mixed) evidence of
     earnings management behavior by firms to
     other debt covenants, such as interest
     coverage or leverage ratios.

3.   Some managers manipulate earnings to
     increase bonus awards. There is no evidence
     on the pervasiveness or the stock market
     impact of this form of earnings management.

Source: Masser Spears, “The Impact of Earnings Mgt. on the
    Credibility of Corporate Financial Reporting,” Petroleum
    Acctg. and Financial Mgt., Summer 2007, pp. 47-48.
        Regulatory Incentives to
           Manage Earnings
1.   There is strong evidence that suggests that
     firms manage earnings (a) to avoid
     regulatory constraints, (b) to take advantage
     of governmental benefits, and (c) to avoid
     regulatory exposure.

2.   There is no direct evidence about how and
     whether regulators impound those forms of
     earnings management behavior.

Source: Masser Spears, “The Impact of Earnings Mgt. on the
    Credibility of Corporate Financial Reporting,” Petroleum
    Acctg. and Financial Mgt., Summer 2007, pp. 47-48.
    Management or Manipulation?

   More than one-half of CFOs say they can
    legally influence reported earning by 3% or
   Operational levers: delaying operational
    spending, accelerating order processing,
    and driving sales force more.
   Accounting steps: changing the timing of an
    accounting change and adjusting
   One-third of CFOs would try to influence
    results: 24% upward or 8% would try to cut
   Few CFOs think their auditors would catch
   If the auditors caught it, they probably
    would not bring it up to management.

Don Durfee, “Management or Manipulation?” CFO, December, 2006, p.
Financial Statement Fraud Schemes

 Category                           %
 Concealed Liabilities             45.0%
 Fictitious Revenues               43.3%
 Improper Asset Valuations         40.0%
 Improper Disclosures              37.5%
 Timing Differences                28.3%

Source: 2006 Wells Report, ACFE.

    Good Earnings Management

 Careful timing of capital gains and
 Use of conferencing technology to
reduce travel costs; and
 Postponement of repair and
maintenance activities when faces
with unexpected cash flow declines.

L. G. Weld et. al, “Anatomy of a Financial Fraud,” The
CPA Journal, October 2004.

    Abusive Earnings Management

 Improper revenue recognition (e.g., bill and hold
 Improper expense recognition.

 Using reserves to inflate earnings in years with
  falling revenues (cookie jar accounting).
 Shifting debt to SPE.

 Channel stuffing.

 Capitalizing marketing costs rather than expensing.

 Extending useful lives and inflating salvage values.

 Cookie jar reserves.

 Accelerating revenue from leasing equipment.

 SPEs not consolidated.

     Early Warning Signs of
     Earnings Management

 Cash flows that are not correlated with
Receivables that are not correlated with
 Allowances for uncollectible accounts that
are not correlated with receivables;
 Reserves that are not correlated with
balance sheet items;
 Acquisitions with no apparent business
purpose; and
 Earnings that consistently and precisely
meet analysts’ expectations.

Magrath and Weld, “Abusive Earnings Management and
Early Warning Signs,” The CPA Journal, August 2002.

Some Red Flags of Earnings Management

  1.    CEO is also Chairperson of BOD (e.g.,
  2.    Insiders have majority control of BOD.
  3.    Weak system of internal controls.
  4.    Performance emphasis on short-term goals.
  5.    Weak or non-existent Code of Ethics (e.g.,
  6.    Questionable business strategies with
        opaque disclosures (e.g., special purpose
  7.    CEO is uncomfortable with criticism (Enron’s
        Jeff Skilling).
  8.    CEO or other senior management turnover
        (Qwest’s CFO).
  9.    Insiders selling stock (Enron’s Ken Lay).
  10.   Independence problem from large non-audit
        fees paid to external auditors (e.g.,
  11.   Company’s investment banker has
        independence problems (e.g., Parmalat,

         Earnings Management
Companies that consist solely of
independent directors and meet at least
four times a year are likely to have lower
non-audit service fees.
   L.J. Abbott, “An Empirical Investigation of Audit Fees, Non-
Audit Fees, and Audit Committees,” Contemporary Accounting
Research, Summer, 2003, p. 230.

An auditor who is also an industry
specialist further enhances the credibility
of accounting information (e.g., less
earnings management).
  G.V. Krishnan, “Does Big 6 Auditor Industry Expertise Constrain
Earnings Management?” Accounting Horizons, Vol. 17,
Supplement 2003, p. 15.

         Earnings Management

Lower perceptions of earnings quality
lead investors to more thoroughly
examine a firm’s audited financial
statements. A more thorough analysis of
a firm’s financial statements lead
investors to lower their assessment of
the firm’s earnings quality.
    F.D. Dodge, “Investors perceptions of Earnings Quality, Auditor
Independence, and the Usefulness of Audited Financial
Information,” p. 46.

Found no evidence that short sellers
trade on the basis of information
contained in accruals.
Scott Richardson, “Earnings Quality and Short Sellers,” p. 49.

            Earnings Management

  Small companies tend to more
frequently manage earnings to
avoid losses than large companies.
 Auditors type appears

Brain Lee and Ben Choi, “Company Size, Auditor Type, and Earnings
Management.” Journal of Forensic Accounting, Vol. 3 (2002), pp. 27-50

 Professor Ketz’s Shoddy Accounting Practices

Pro  forma means “as if,” so pro forma
earnings means earnings that would have
been reported had the corporation been using
alternative methods (e.g., everything but the
bad stuff).
“Today, however, pro forma numbers are
seldom published for the purpose of
informing investors and creditors in a better
manner. Instead, these disclosures have
become a way of under-minding orthodox
accounting by not recognizing a variety of
items as expenses.”
Examples: Goodwill never declines.
Moving expenses and losses from operating
items to so-called nonrecurring items.
Contrast the income with the firm’s
operating cash flow.

Source: J.E. Ketz, Hidden Financial Risks, John Wiley & Sons, 2003
                       Hiding Debt

Companies hide debt by these techniques:
1.  Using the equity method (rather than Trading
    Security and Available for Sale methods).
    Nets the assets and liabilities of the investee.
2.  Lease accounting (arguing that leases are
    operating leases). Understates 10 to 15% .
3.  Pension accounting – netting of the projected
    benefit obligation and the pension assets.
    Must un-net them.
4.  Hiding debt inside Special – Purpose Entities
    – trillions of dollars of SPE debt is off the
    books (e.g., securitization, SPE borrowings,
    synthetic leases). Enron, REFCO, Adelphia.
Readers can make analytical adjustments by
    searching footnotes for 1,2, and 3. But no
    disclosures for asset securitization, SPE
    borrowings, and synthetic leases.

Source: J.E. Ketz, Hidden Financial Risks, John Wiley & Sons, 2003

      Types of Financial Statement Fraud Schemes

       Three professors have broken financial
       statement fraud schemes into these ten

 1.    Fictitious and/or overstated revenues and
       assets (e.g., non-ordered or cancelled goods).
       Sunbeam created revenues by contingent
       sales, a bill-and-hold strategy, and
       accelerated sales. Digital Lightware, Inc.
       recognized fraudulent billings. Cendant
       Corporation created fictitious revenues, and
       Knowledge Ware inflated revenues with
       phony software sales. Xerox, Bristol-Mayers,
 2.    Premature Revenue Recognition (e.g., holding
       books open). 35-day month.
 3.    Misclassified Revenues and Assets (e.g.,
       combining restricted cash accounts with
       unrestricted cash accounts). School districts
       and universities may engage in this strategy
       with dedicated funds.

Source: S.E. Bonner, Z. Palmrose, and S.M. Young, “Fraud Types and Auditor
Litigation,” The Accounting Review, October 1998, pp. 503-532.
     Types of Financial Statement Fraud Schemes
                       (contd …)

4.     Fictitious Assets and/or Reductions of
       Expenses/Liabilities (e.g., recording
       consigned inventory as inventory).
5.     Overvalued Assets or Undervalued
       Expenses/Liabilities (e.g., insufficient
       allowance for bad debts). Enron.
6.     Omitted or Undervalued Liabilities (e.g.,
       understated pension expenses). Hiding
       losses (Allied National Bank).
7.     Omitted or Improper Disclosures (e.g., stock
       option expense estimates).
8.     Equity fraud (e.g., recording nonrecurring
       and unusual income or expense in equity).
9.     Related-Party Transactions (e.g., fictitious
       sales to related parties). Enron had many
       related-party transactions. REFCO, Adelphia.
10.    Financial Fraud Going the Wrong Way (e.g.,
       for tax purposes reducing income or
       increasing expenses).

        Wrong Way Earnings Management

      Freddie Mac understated past
       earnings as much as $5 billion.
      Certain transactions and accounting
       policies were “implemented with a
       view to their effect on earnings”
       (e.g., to smooth earnings).
      Restatements will result in higher
       earnings in prior periods but lower
       earnings in future periods.
      Employees appeared to knowingly
       violate accounting rules in an effort
       to manipulate earnings.
Source: Patrick Barta and J.D. McKinnon, “Freddie Mac Profits May Have Been
       Low By Up to $4.5 Billion,” Wall Street J., June 26, 2003, pp. C-1 and
       C-11. Bethany McLean, “The Fall of Fannie Mae,” Fortune, January 24,
       2005, pp. 123-140.

           Fannie Mae’s Problem
• Fannie Mae was ordered by the SEC [2004]
to a restatement of earnings of $ 9 billion
(reducing earnings since 2001). Misuse of
hedge-accounting transactions and improper
accounting for loans.
• CFO J. Timothy Howard resigned with an
annual pension of $400,000 and lifetime
access to Fannie Mae’s Medical benefits. Plus
$ 4 million of stock options.
•CEO Franklin Raines was paid more than
$60 million over a 6 year period. On Dec. 21,
2004, Raines took early retirement. $ 1
million annually for life.
•The Board replaced KPMG as Fannie’s
Source: Bethany McLean, “The Fall of Fannie Mae,” Fortune, January
24, 2005, pp. 123-140. Mike McNamee, “Franklin Raines Lost
Gamble,” Business Online, December 22, 2004.
                Lessons From Enron

 Enron’s  management figured an
  ingenious method of overriding the
  double-entry of accounting. They simply
  ignored it.
 It remains the simplest, most elegant
  financial fraud. Enron created special-
  purpose entities (SPEs) and pledged
  Enron stock – just pieces of paper.
 If the SPE was successful, they
  recognized income.
 When the SPE had huge losses they
  issued more paper. Debts were filed off-
  balance sheet in the partnerships.

Source: Joe Anastasi, The New Forensics, John Wiley & Sons, 2003, p. 92-93.

      Cooking the Books-Symbol Technologies

   From 1998 through February 2003, Symbol used a so-
    called “Tango sheet” process through which fraudulent
    “topside” accounting entries were made to reserves
    and other items to conform the unadjusted quarterly
    results to management’s projections;

   Fabrication and misuse of restructuring merger and
    other non-recurring charges to artificially reduce
    operating expenses, create “cookie jar” reserves
    (overstating inventory write-offs) and further manage

   Channel stuffing and other revenue recognition
    schemes, involving both product sales and customer
    services; stuffed the channel by granting resellers
    return rights and contingent payment terms in side

   Manipulation of inventory levels and accounts
    receivable data to conceal the adverse side effects of
    the revenue recognition schemes.

      Cooking the Books-Symbol Technologies

   Warehouse arrangement with a large foreign
    distributor that served as a vehicle for improperly
    recognizing several millions of dollars.

   Directed employees to refrain from scanning new
    components or returned goods into the automated
    accounting system.

   Backdated (cherry picked) stock option exercise dates.

   When “days sales outstanding’ because too large
    because of fraudulent revenue recognition, reclassified
    past due trade accounts receivable into notes
    receivables. A growing DSO figure is often a sign that
    receivables are impaired due to channel stuffing, etc.

   Deferred $3.5 million of FICA insurance costs to a later

   Recognized revenue that was processed in one
    quarter, but shipped the next quarter.

        Seven Investigative Techniques

1.    Public document review and
      background investigation (non-
      financial documents).
2.    Interviews of knowledgeable
3.    Confidential sources.
4.    Laboratory analysis of physical
      and electronic evidence.
5.    Physical and electronic
6.    Undercover operations.
7.    Analysis of financial transactions.

Source: R.A. Nossen, The Detection, Investigation and Prosecution of

      Financial Crimes, Thoth Books, 1993  .
     Financial Fraud Detection

   Interviewing the executives
   Analytics
   Percentage analysis
       Horizontal analysis
       Vertical analysis
       Ratio analysis
   Using checklists to help detect fraud
       SAS checklist
       Attitudes/Rationalizations checklist
       Audit test activities checklist
       Miscellaneous fraud indicator checklist

“Objectively obtaining and evaluating evidence is the
   essence of auditing.”
     (AAA, Committee on Basic Auditing Concepts, 1973, 2)

         Investigative Techniques

         Public Document Review
 Real  and personal property records.
 Corporate and partnership records.

 Civil and criminal records.

 Stock trading activities.

 Check vendors.

           Laboratory Analysis
 Analyzing  fingerprints.
 Forged signatures.

 Fictitious or altered documents.

 Mirror imaging or copying hard
  drives/company servers.
 Use clear cellophane bags for paper
          Analytical Procedures
Analytical procedures involve the study or
  comparison of the relationship between
  two or more measures for the purpose of
  establishing the reasonableness of each
  one compared. Five types of analytical
  procedures help find unusual trends or
  relationships, errors, or fraud:
 Horizontal or Percentage Analysis

 Vertical Analysis

 Variance Analysis

 Ratio Analysis or Benchmarking

 Comparison with other operating

Source: D.L. Crumbley, J.J. O’Shaughnessy, and D.E.
    Ziegenfuss, 2002 U.S. Master Auditing Guide,
    Chicago: Commerce Clearing House, 2002, p.
    592.                                              297
         Sales v. Net Income
Forensic accountants should compare the
trend in sales with the trend in net income.

For example, from 1999 to 2001,
HealthSouth’s net income increased nearly
500%, but revenues grew only 5%. On
March 19, 2003, the SEC said that
HealthSouth faked at least $1.4 billion in
profits since 1999 under the auditing eyes
of Ernst & Young.

The SEC said that HealthSouth started
cooking its numbers in 1986, which Ernst &
Young failed to find over 17 years.
HealthSouth also inflated its cash balances.

    Beware Inter-company Entries
 HealthSouth used PeopleSoft, with at
least 2,000 different ledgers.

Suspense Account             xx
      Revenue                       xx

Accounts Receivable xx
Inventory                    xx
Property                     xx
       Suspense Account             xxx

Most of the entries were inter-company

During 2005, 2004, and 2003,
professional fees associated with the
reconstruction of HealthSouth’s financial
records and restatement of 2001 and
2002 consolidated financial statements
approximated $206.2 million and $70.6
million, respectively.
     Financial Statement Fraud Audit

1.     Obtain current year’s financial
2.     Obtain prior 3 years’ financial
3.     Perform vertical/ horizontal analysis of
       the 4 years, plus all current quarters.
4.     Pay attention to footnotes.
5.     Analysis of %s and footnotes by senior
6.     Nonsense %s and footnotes inquire
       explanations from financial
7.     Interview lower level financial
       employees who approved
       questionable journal vouchers.
8.     Combine explanations with visits to
       accounting records/ source

             Horizontal Analysis

Suppose advertising in the base year
was $100,000 and advertising in
the next three years was $120,000,
$140,000, and $180,000. A
horizontal comparison expressed as
a percentage of the base year
amount of $100,000 would appear
as follows:

             Year 4      Year 3     Year 2      Year 1

              $180,000   $140,000    $120,000   $100,000
Comparison     180%        140%        120%       100%

      Red Flags with Horizontal Analysis

   When deferred revenues (on the balance sheet)
    rise sharply, a company may be having trouble
    delivering its products as promised.
   If either accounts receivable or inventory is rising
    faster than revenue, the company may not be
    selling its goods as fast as needed or may be
    having trouble collecting money from customers.
    For example, in 1997 Sunbeam’s revenue grew
    less than 1% but accounts receivable jumped 23
    percent and inventory grew by 40 percent. Six
    months later in 1998 the company shocked
    investors by reporting a $43 million loss.
   If cash from operations is increasing or decreasing
    at a different rate than net income, the company
    may be being manipulated.
   Falling reserves for bad debts in relation to
    account receivables falsely boosts income (cookie
    jar accounting).

                  More Red Flags
   Look for aggressive revenue recognition
    policies (Qwest Communication, $1.1 billion
    in 1999-2001). Beware of hockey stick
   Beware of the ever-present nonrecurring
    charges (e.g., Kodak for at least 12 years).
   Check for regular changes to reserves,
    depreciation, amortization, or comprehensive
    income policy.
   Related-party transactions (e.g., Enron).
   Complex financial products (e.g.,
   Unsupported top-side entries (e.g.,
   Under-funded defined pension plans.
   Unreasonable management compensation

Source: Scott Green, “Fighting Financial Reporting Fraud,”
   Internal Auditor, December 2003, pp. 58-63.
        Five Statistically Significant Ratios

   Use the ratios for two successive fiscal
   Convert into indexes for benchmarking.

Day’s Sales in Receivable Index:
           (Accounts Receivable t / Sales t )
         (Accounts Receivable t-1 / Sales t-1)
Index for manipulators: 1.5 to 1
Gross Margin Index:
           [(Sales t-1 - Cost of Sales t-1 ) / Sales t-1]

           [(Sales t - Cost of Sales t ) / Sales t]
Index for manipulators = 1.2 to 1
Source: M.D. Beneish, “The Detection of Earnings
   Manipulation,” Financial Analysts Journal,
   September/October, 1999. t-1 = prior year.

         Five Statistically Significant Ratios

Asset Quality Index =

1- (Current Assets t + Net Fixed Assets t )
                           Total Assets t

1 - (Current Assets t-1 + Net Fixed Assets t-1)
                           Total Assets t-1

Index for manipulators = 1.25 to 1
Sales Growth Index : Sales t / Sales t-1

Manipulators: 60%
Non manipulators 10%

Source: M.D. Beneish, “The Detection of Earnings
   Manipulation,” Financial Analysts Journal,
   September/October, 1999. t-1 = prior year.

      Five Statistically Significant Ratios

Total Accruals to Total Assets =
   Δ Working Capital t - Δ Cash t - Δ Current Taxes
   Payable t - Δ Current Portion of LTD t - Δ
   Accumulated depreciation and amortization t
                  Total Assets t

TATA for manipulators: .031
TATA for non manipulators: .018

Source: M.D. Beneish, “The Detection of Earnings
   Manipulation,” Financial Analysts Journal,
   September/October, 1999. LTD = Long-term debt.

        A Charles Lundelius Example

Comparison to peer group benchmarks:

Characteristic       MPS       Peer group           % over
DSRI                 1.56         1.03        51%
GMI                  2.00         1.10        82%
AQI                  1.23         1.04       18%
SGI                  1.50         1.20       25%
TATA                 0.10         0.05       100%

Source: C.R. Lundelius, Financial Reporting Fraud, AICPA, 2003, p.
         Z-Score Methodology
1.   Altman’s Z-Score (Manufacturers)
     AZ-Score = 1.2X1 + 1.4X2 + 3.3X3 + 0.6X4 +
     X1 = Working Capital/Total Assets
     X2 = Retained Earnings/Total Assets
     X3 = EBIT/Total Assets
     X4 = Market Value of Equity/Total Liabilities
     X5 = Sales/Total Assets
     Above 2.99, indicates sound financial health.
     Grey zone, no conclusion can be drawn.
     Below 1.81, indicates financial distress.

2.   Altman’s Double Prime Z-Score
     Change X4 to Total Shareholders’ Equity
     Drop X5
     ADPZ-Score = 6.56X1 + 3.26X2 + 6.72X3 +
     Above 2.6, strong.
     Grey zone, no conclusion can be drawn.
     Below 1.1, weak.                            308
     Z-Score Methodology (cont.)
3.   Private Company Model
     Use book value rather than
     market value of equity.
     PMZ-Score = 0.717X1 + 0.847X2
     + 3.107X3 + 0.420X4 + 0.998X5
     Above 2.90, safety zone.
     Grey zone, no conclusion.
     Lower than 1.23, distress zone.
4.   Hillegeist DPM
     Gives probability of default.
     HZ-Score = 3.835 + 1.13X1 +
     0.005X2 + 0.269X3 + 0.399X4 –
     Where 3.835 is constant.
     Higher the score, the better.
1.   In order to determine how risky a particular company is
     that you are auditing, you prepare these five ratios
     along with the same ratios of this company’s peers:
                                        Company     Peers
      Day’s Sales in Receivable Index     1.51       1.05
      Gross Margin Index                  1.98       1.11
      Asset Quality Index                 1.21       1.01
      Sales Growth Index                  1.53       1.19
      Total Accruals to Total Assets      0.11       0.06

     What are your thoughts about the risk potential of
     this company?
2. You are provided the following information about a
   company for two years (in millions):
                                           2005       2006
      Sales                             $23,000     32,000

      Cost of Sales                      11,960     17,600
      Accounts Receivable                 4,830     10,560

   a. Days Sales in receivable index.
   b. Gross margin index.
   c. Sales growth index.
   Any thoughts about this company?
                        Ratio Analysis

1. Current ratio =
   Current assets (cash and equivalents, receivables and inventories)
   Current liabilities (payables, accruals, taxes, and debt due in 1 year)

                   Cash and equivalents plus receivables
2. Quick ratio =             Current liabilities

3. Working capital = Current assets – Current liabilities

                        Cost of goods sold
4. Inventory turnover = Average inventory

   The number of days inventory is on hand can be calculated as
                        Inventory turnover

                           Net credit sales
5. Receivables turnover = Average receivables

                         Cost of goods sold
6. Gross Margin = 1 –           Sales

                     Selling general and administrative expenses
7. Expense ratio =                      Sales

                         Operating income
8. Operating margin =          Sales

                     Net income before extraordinary items
9. Profit margin =                  Sales

                                Income before interest and taxes
10. Interest coverage ratio =           Fixed charges

                         Income after fixed charges before income taxes
11. Margin of safety =                        Sales

                            Total current and long-term + capitalized leases
12.Debt-to-equity ratio =              Total stockholder’s equity
                                            Total debt at book value
                            Total debt and preferred stock + common stock at market

                               Net income
13.Return on assets (ROA) = Average total assets

               Earnings before interest and taxes
                     Average total assets

                                 Net income
14.Return on equity (ROE) = Average common equity

                                   Earnings before interest and taxes
15. Return on invested capital =
                                       Average invested capital

16.Number of years to pay off debt by application of internally generated cash flows
    Total fixed obligations
   = Operating cash flows

                                             Total senior debt
17. Ratio of senior debt to capital =
                                        Subordinated debt + net worth

The following information is taken from the
  accounting records of Donald Company:

Average receivables              $700,000
Cost of goods sold               2,900,000
Sales                            8,000,000
Average inventory                1,100,000
Net credit sales                 1,200,000
Operating income                   900,000

The inventory turnover is
 1.81
 2.2
 2.64
 2.92
 None of the above.

Using the facts above, the operating margin is
 .1125
 .32
 1.1
 1.6
 None of the above.

              Excel Spreadsheet
Sherron Watkins discovered the Enron fraud in
2001 when she was again working under Andy
Fastow, CFO. She took a simple inventory, using an
Excel spreadsheet to calculate which of the
division’s assets were profitable and which were
         She discovered the special purpose
entities called Raptors, off-the-books partnerships.
Enron had hidden hundreds of millions of losses by
borrowing money from Raptors and promising to
pay the loans back with Enron stock. Enron was
hedging risks in its left pocket with money from its
right pocket.
         As the value of Enron stock fell and the
losses in the Raptors mounted, Enron had to add
more and more stock because Enron had risked
97% of the losses, and Arthur Andersen had agreed
to the accounting.

Source: Mimi Swartz and Sherron Watkins, Power Failure,
New York: Doubleday, 2003, p. 269.

    Investigative Technique: Videotapes
   Average big city resident caught on videotape
    about 75 times a day. Common in workplaces and
    stores (USA).

 Former Coca-Cola secretary convicted of
  conspiring to steal and willing to sell confidential
  Coca-Cola documents and samples of products
  that the company was developing to Pepsi.

 Coca-Cola security expert testified that
  surveillance cameras were monitoring Joya
  Williams’ movements. The surveillance was a key
  part of the government’s evidence.

 She stole the materials and was attempting to sell
  for at least $1.5 million.

   Deeply in debt, unhappy at job, and seeking a big

    Could face 10-years in prison.

Myway, “Video Shows Coke Worker Taking Documents,” January
   26, 2007.
Fraud Awareness Auditing:
      Unrefined Oil


Inventory Turnover =         C of GS
                        Average Inventory
                       = $2.9 million = 2.64%
                          1.1 million

Operating Margin = Operating Income
                  = $900,000 = .1125
                    $8 million

         Thinking as a Forensic Auditor
  The Iceberg Theory of Fraud
Overt Aspects
Hierarchy                                      Structural
Financial Resources                            Considerations
Goals of the Organization
Skills and Abilities of Personnel
Technological State                                     Water
Performance Measurement
        Covert Aspects
        Feelings (Fear, Anger, etc.)
        Norms               Behavioral
        Interaction         Considerations

                  Source: G.J. Bologna and R.J.
                  Lindquist, Fraud Auditing and
                  Forensic Accounting, 2nd Edition,
                  New York: John Wiley, 1995, pp. 36-

                    Deception Tactics

      DECEPTION TACTIC                    Example Application of the
                                             Tactic in Accounting
              Masking                  Failing to record or disclose an
                                       expense or a liability.
              Dazzling                 Disclosing information in the
                                       footnotes to the statements rather
                                       than in showing it in their body.

              Decoying                 Emphasizing legal issues (blind
                                       alleys) that after a close
                                       examination turn out to be
                                       immaterial or handled
           Re-packaging                Describing hard to sell inventory
                                       as saleable. Reframing issues to
                                       maliciously justify the use of
                                       favorable accounting procedures.
             Mimicking                 Creating fictitious transactions or
                                       transactions without substance.
            Double Play                Improperly applying Generally
                                       Accepted Accounting Principles,
                                       where an item is not individually

S. Grazioli, K. Jamal, and P. E. Johnson, “A Cognitive Approach to Fraud
    Detection,” J. of Forensic Accounting, Vol. 7, 2006, p. 70.
      Game Theory and Strategic Reasoning Tips
 Fraud risk assessment
 •    Auditors who use long lists of fraud cues and fraud checklists are
      inaccurate in their fraud-risk assessments.
 •    Auditors generally overweight cues indicative of management’s
      character even though these cues are the most likely cues to be
 •    Audit standards should be designed to persuade auditors to consider
      how management might manipulate their perceptions of fraud cues.

 Audit Planning
 •    Auditors should develop audit strategies that are unpredictable,
      especially with regard to the nature of their evidence.
 •    Audit plans are more predictable and less effective at detecting fraud
      when auditors use procedures based on prior audits or standard audit
 •    Audit standards should require auditors to engage in strategic
      reasoning by considering the types of fraud that management might
      perpetrate and how these frauds might be concealed from the audit.
 •    The goal of audit standards should be to encourage auditors to gather
      new, unusual, or random audit evidence not easily anticipated by

 Implementation of the audit
 •    Learning from experience is critical to effectively performing in a
      strategic setting.
  • Auditors are often insensitive to new evidence regarding fraud risk
      and can more effectively learn from their interactions with the client.
  • Audit standards can improve learning by requiring activities such as
      documenting and communicating the nature of their interactions with
Source: T. J. Wilks and M. F. Zimbelman, “Using Game Theory and Strategic Reasoning
     Techniques to Prevent and Detect Fraud,” Accounting Horizon, September 2004, p. 182.
         Behavioral Concepts Important

        “Not all fraud schemes can
effectively be detected using data-driven
        Instances of corruption-bribery,
kickbacks, and the like – and collusion
consistently involve circumvention of
        Searching relevant transaction data
for patterns and unexplained relationships
often fails to yield results because the
information may not be recorded, per se, by
the system.
        Behavioral concepts and qualitative
factors frequently allow the auditor to look
beyond the data, both with respect to data
that is there and the data that isn’t.”
Source: S. Ramamoorti and S. Curtis, “Procurement Fraud & Data
Analytics, “Journal of Government Financial Management, Winter 2003,
Vol. 52, No. 4, pp. 16-24.

                 Life Styles Important
        For someone who earned a salary of just
$1,000 a month, Rana Koleilat managed to live
a pretty nice life. She traveled by private jet,
took along her servant and hairdresser, and
stayed at luxurious locality in London and Paris.
Back home in Beirut, Lebanon, she lived in a
three-story penthouse. To anyone who asked
how she lived so well, she replied that she had a
“rich uncle.”

        Actually, Koleilat helped manage a
private bank in Beirut, and thereby hangs a tale.
The chairman of the bank said he lost $1.2
billion, and depositors lost another several
hundred million dollars

E.T. Pound, “Following the Old Money Trail,” U.S. News & World Report, April
4, 2005, p. 30.

                Be An Investigator

“Because I was an investigator,” he said.
“O.K.,” she said. “Investigators investigate.
That, I can follow. But don’t they stop
investigating? I mean, ever? When they know
“Investigator never know,” he said. “They
feel, and they guess.”
“I thought they dealt in facts.”
“Not really,” he said. “I mean, eventually they
do, I suppose. But ninety-nine percent of the
time it’s ninety-nine percent about what you
feel. About people. A good investigator is a
person with a feel for people.”

Lee Child, Echo Burning, N.Y.: Jove Books, 2001, p. 281.
     Behavioral Red Flags Present During Fraud Scheme – Sorted by Median Loss

24The sum of percentages in this table exceeds 100 percent because in several
cases the perpetrator exhibited more than one behavioral red flag.

Source: 2008 Wells Report, ACFE.
     Behavioral Red Flags Present During Fraud Scheme – Sorted by Frequency

23The sum of percentages in this table exceeds 100 percent because in several
cases the perpetrator exhibited more than one behavioral red flag.

Source: 2008 Wells Report, ACFE.
  Fraud Identifiers to Spot Fraudsters

    Large ego
    Substance abuse problems or
     gambling addiction
    Living beyond apparent
    Self-absorption
    Hardworking/taking few
    Under financial pressure (e.g.,
     heavy borrowings)
    Sudden mood changes.

Source: G.E. Moulton, “Profile of a Fraudster,”
Deloitte Touche Tohatsu,, 1994.
      Red Flags or Fraud Identifiers
   Earnings problem: downward trend in
   Reduced cash flow: If net income is moving
    up while cash flow from operations is drifting
    downward, something may be wrong.
   Excessive debt: the amount of stockholders'
    or owners' equity should significantly exceed
    the amount of debt.
   Overstated inventories (California Micro) and
    receivables (BDO Seidman): If accounts
    receivables exceeds 15 percent of annual
    sales and inventory exceeds 25 percent of
    cost of goods sold, be careful.
   Inventory plugging: Record sales to other
    chains as if they were retail sales rather than
    wholesale chains (e.g., Crazy Eddie).
   Balancing Act: Inventory, sales, and
    receivables usually move in tandem because
    customers do not pay up front if they can
    avoid it.
   CPA Switching: Firms in the midst of financial
    distress switch auditors more frequently than
    healthy companies.

Red Flags or Fraud Identifiers (contd…)

   Hyped Sales: hyped sales by using his ample
    personal fortune to fund purchases.
   Reducing Expenses: Rent-Way reduced the
    company’s expenses—a reduction of $127
   Ebitda: Earnings before interest, taxes,
    depreciation, and amortization is a popular
    valuation method for capital-intensive
   Off-Balance Sheet Items: Enron had more
    than 2,500 offshore accounts and around
    850 special purpose entities.
   Unconsolidated Entities: Enron did not tell
    Arthur Andersen that certain limited
    partnerships did not have enough outside
    equity and more than $700 million in debt
    should have been included on Enron’s

Red Flags or Fraud Identifiers
   Creative or Strange Accounts: For their
    1997 fiscal year, America Online, Inc.
    showed $385 million in assets on its
    balance sheet called deferred
    subscriber acquisition costs.
   Pension Plans
   Reserve Estimates
   Personal Piggy Bank: Family member
    owners may use a corporation as a
    personal piggy bank at the expense of
    public investors and creditors.
   Barter deals: A number of Internet
    companies used barter transactions
    (or non-cash transactions) to increase
    their revenues.

              Barter Deals

AOL created ad revenues out of thin
air. With an obsession to get
advertising revenue in the door,
“nobody there appears to have paid
much attention to whether the
business deals at issue were really
producing ad ‘revenues’ by any
acceptable definition….”
At least $90 million of revenues
were expunged by mid-2003, with
another $400 million contested.

Source: C.J. Loomis, “Why AOL’s Accounting
Problems Keep Popping Up,” Fortune, April 28,
2003, p. 86.

            Management’s Role

  The Sarbanes-Oxley Act of 2002
mandates that CEOs and CFOs certify in
periodic reports containing financial
statements filed with the SEC the
appropriateness of financial statements
and disclosures.

     In March 2005, the SEC said that
executives are gatekeepers. Thus, an
executive can be in trouble if in a
position to detect wrongdoing below
them and do not move forcefully to
prevent the fraud. It does not matter if
the executive has been lied to. An
executive has the responsibility to cut
through the lies and try to root out the
Carol. J. Loomis, “The SEC Turns the Screws on
Gatekeepers,” Fortune, April 18, 2005, p. 38.

  Pressures On All Sides

  CEOs are now being squeezed as a
result of SOX by BODs, auditors, and
lawyers because these watchdogs are
finally facing genuine liability for their
failures. These watchdogs are trying to
protect their hides.

 Arthur Andersen is out of business, and
directors at WorldCom and Enron are
paying off fraud claims out of their own
pockets. Hank Greenberg, former
Chairman and CEO of AIG said that the
balance of power in corporate America
has shifted.

Diane Brady and Joseph Weber, “The Boss on the Sidelines,”
Business Week, April 25, 2005, p. 88.

          Significant Variables of
          Fraudulent Companies

 Percentage of total Board of Directors
holdings held by insiders.
 Insiders having greater than 50%
control of the BOD.
 CEO also being chairman of the BOD.

 CEO being the company’s founder.

 Lack of an audit committee.

SEC Accounting and Auditing Enforcement Releases (1982-1992).

                              CEO Duality
Eight of the ten recent scandals had board
chairs who were also CEO:
1.Enron                     5. HealthSouth
2.Adelphia                  6. Quest
3.Tyco                      7. Homestore
4.Waste Management          8. Sunbeam

WorldCom and Global Crossing had different
 Chairman and CEO.
Aging Board of Directors. “Easier for
 Management to get away with misdeeds.”
 Enron’s Audit Committee chairman was 72.
 “They can be hard of hearing.” Nearly 10% of
 directors in the S & P’s 500 stock index are
 70 or over.

Source: Louis Lavelle, “Directors: Know When to Fold Them, “Business Week, May 24, 2004, p.14.

              Audit Tests
The Panel on Audit Effectiveness
recommended that surprise or unpredictable
elements should be incorporated into audit
tests, including:
     Recounts of inventory and
        unannounced visits to locations
     Interviews of financial and non-
        financial client personnel in different
     Requests for written confirmations
        from client employees regarding
        matters about which they have made
        representations to the auditors
     Tests of accounts not normally
        performed annually
     Tests of accounts traditionally or
        frequently deemed “low risk”

 Internal Auditors and Fraud
The Institute of Internal Auditors’ Due
Professional Care Standard (Section
280) assigns the internal auditor the
task of assisting in the control of fraud
by examining and evaluating the
adequacy and effectiveness of the
internal control system.

However, Section 280 says that
management has the primary
responsibility for the deterrence of fraud,
and management is responsible for
establishing and maintaining the control
systems. In general, internal auditors are
more concerned with employee fraud
than with management and other
external fraud.
     When Fraud Is Discovered
1.    Notify management or the board when the
      incidence of significant fraud has been
      established to a reasonable certainty.
2.    If the results of a fraud investigation
      indicate that previously undiscovered
      fraud materially adversely affected
      previous financial statements, for one or
      more years, the internal auditor should
      inform appropriate management and the
      audit committee of the board of directors
      of the discovery.
3.    A written report should include all findings,
      conclusions, recommendations, and
      corrective actions taken.
4.    A draft of the written report should be
      submitted to legal counsel for review,
      especially where the internal auditor
      chooses to invoke client privilege.

                Audit Committee
The audit committee is the subcommittee of an
organization’s board of director’s charged with
overseeing the organization’s financial reporting and
internal control processes. The audit committee’s
biggest responsibility is monitoring the component
parts of the audit process.
The board of directors and its representative audit
committee should oversee (1) the integrity, quality,
transparency, and reliability of the financial reporting
process; (2) the adequacy and effectiveness of the
internal control structure in preventing, detecting, and
correcting material misstatements in the financial
statements; and (3) the effectiveness, efficacy, and
objectivity of audit functions.

      Audit Committee Red Flags
• Independence of audit committee from
  management. Audit committee should
  report to BODs.
• The clarity with which the audit
  committee’s responsibilities are articulated,
  such as in the charter, and how well the
  audit committee and management
  understand those responsibilities;
• The audit committee’s interactions and
  involvement with the independent and
  internal auditor; and
• Whether the audit committee raises and
  pursues with management and the
  independent auditor the appropriate
  questions, including questions that indicate
  an understanding of the critical accounting
  policies and judgmental accounting
  estimates.                                   340
                  Computer Forensics
“Today’s Sergeant Joe Friday does not write in a small
notebook in the course of solving crimes; he now
reconstructs the data from imaging hard drives.”

          Joe Anastasi, The New Forensics, John Wiley & Sons, 2003.
“Corporate criminals don’t always tell the truth.
Their computers usually do.”
          Thomas Talleur, KPMG

• “The need for computer forensics has dramatically
  increased. This represents the use of computer
  science principles and investigative techniques to
  obtain digital evidence from computer systems that
  is admissible in a court of law,” says Bruce
• Statistics indicate that 92 percent of new data is
  created electronically and that 70 percent of this data
  never migrates to paper. When investigators ignore
  electronics evidence, it’s analogous to only
  reviewing three out of 10 boxes containing
  potentially relevant and discoverable information.
S. Kahan, “Sherlock Holmes Enters Accounting,” WebCPA, February,
   Data Mining Found WorldCom Mess

Auditors should perform all of the
analytics themselves, and they must be
educated in fraud detection and
introduced to data mining techniques.
When the concept of data mining is
brought up, audit managers cringe and
argue that they cannot afford to employ

However, while there is data mining
software that requires a statistician’s
level of expertise (such as IBM’s
Intelligent Miner), there also are
products, such as WizSoft Inc., that can
be employed by most auditors who are
acquainted with the fundamentals of
Microsoft Office and who are curious as
to why they obtained their audit results.

Source: Bob Denker, “Data Mining and the Auditor’s Responsibility,”
Information Systems Audit and Control Association InfoBytes.
      Technology Knowledge Important
   Ruby Sharma, at E&Y, says that computer forensic services,
    as well as electronic discovery and forensic data analysis, are
    provided by its legal technology services practice, which
    currently consists of 52 professionals, around one-fourth of
    whom are primarily devoted to computer forensics and
    closely related disciplines.
    These computer forensics professionals provide a range of
    services to clients beyond the traditional identification,
    preservation and extraction of electronic evidence from
    digital media, she says. They also provide forensic
    investigations and analysis of digital media to determine the
    circumstances surrounding the creation, deletion or
    modification of specific documents; determine the
    provenance of documents; locate and recover evidence that
    has been either intentionally or unintentionally deleted; and
    determine timelines and event sequences of computer
    activity that may be of value to the investigation.

   Frank Piantidosi, at Deloitte, says that technology is the heart
    of most financial investigations, and electronic data drives
    the investigation. He says that this group provides
    repositories of all the data to the legal teams electronically,
    rather than through the antiquated system of boxes and
    boxes of hard copy files.
   We have developed technology solution that can quickly find
    and accumulate data from various sources anywhere in the
    world, then read the data files using software from India,
    then store the data using Australian technology for 5 to 10

S. Kahan, “Sherlock Holmes Enters Accounting,” WebCPA, February 11, 2007.   343
    Careful of E-mail and Text Messages

    40% of large business and 29% of all
     companies read or analyze outbound e-mails.

    51% of U.S. companies have disciplined an
     employee for violating e-mail policy and 26%
     have fired someone.

    21% investigate blogs or message boards.

Source: Ben Worthen, “Be Careful: Your Boss is Reading,” Wall
   Street Online, June 10, 2008.

    Careful of E-mail and Text Messages

   Do not put anything in an e-mail or text
    message that you do not wish to see in the
    newspaper or on the Internet.

   14,000 flirty and sometimes sexually explicit
    text messages between married Detroit Mayor
    Kwame Kilpatrick and his top aide Christine
    Beatty reprinted in Detroit Free Press. Found
    on the city-issued pager of Beatty.

   Both denied under oath having a physical

Careful of E-mail and Text Messages (cont.)

   “Most investigations begin with a tip from a
    whistleblower or a suspicion of some sort,
    which prompts the audit committee of a
    company's board of directors to call in Vondra
    and his group. They'll begin with high-level
    interviews and then move on to requesting
    and examining e-mails—sometimes as many
    as one million. He and his team run the e-
    mails through programs that search for words
    and phrases like "illegal," "earnings
    management," and "manipulate." The
    programs will call up e-mail strings, which
    may point the auditors to certain accounting
    files, which can then be pulled up and
    scrutinized. ”

    Using Technology to Gather
   Drill-down functionality
   Electronic imaging
   Benford’s law
   Digital Analysis Tests and Statistics
   Data warehousing/mining
   Inductive vs. deductive method

              Technology is Here

“Extensive knowledge and use of technology is
    an absolute necessity. The ability to go into an
    electronic image and download information,
    and to get information from systems that don’t
    talk to each other. All the accumulated
    information can then be reviewed for financial
                       Bert Lacativo, Southlake, Texas
“We use off-the-shelf software (IDEA) to import
     large databases, read different data files, set
     up queries, and compare database files such
     as addresses, telephone numbers, and Social
     Security numbers. This process will tell us, for
     example, if a purchase order was done on
     Saturday or Sunday when the company isn’t
              Cal Klausner, Bethesda, Md.

H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
    Accountant, February 2004, pp. 23-28

    Data Analysis vs. Data Mining Software
   ACL, IDEA, and SAS are data
    analysis (DA) software used to
    ensure the integrity of data, to
    program continuous monitoring, and
    to detect fraudulent transactions.
   DA requires a program to be set up
    and run against the data. The
    program is written by auditors (i. e.,
    humans) who may be prejudice in
    the routines that are executed.
   Data Mining finds patterns and
    subtle relationships in data.
   Wiz Rule (from WizSoft, Inc.) and
    IBM’s Intelligent Miner are data
    mining software.
Source: Irina Sered, “Software,”

      Wiz Rule Data Auditing Tool
   Based upon data mining.
   Performs complex analysis of data,
    finding errors, inconsistencies, and
    situations that require further
   WizRule reveals all the if-then rules,
    mathematical formula rules, and
    spelling irregularities.
   Divides situations deviating from the
    rules into data entry errors and
    suspicious errors.
   Can be used in auditing, fraud
    detection, data scrubbing, and due
    diligence reviews.
   Learning curve is short.
   Cost license is $1,395 and yearly
    maintenance fee is $279.

Source: Irina Sered, “Software,”
      Who Uses IDEA?

 External and Internal
 Forensic Accountants/
  Fraud Investigators
 Financial managers

 General and systems
 Educators

 Statisticians

 Information systems

          IDEA Benefits

• Sort           • Statistics
• Compare        • Find missing
• Manipulate       data
• Sample         • Analytics
• Extract data
                 • Convert test
• Mathemati-       files to data
  cal testing
• Exception
  reports        • Create
• Aging            summary

          Using Data Mining
   Match employee addresses
    against vendor addresses.
   Sort vendor list by size to
    determine the most highly paid
   Review the structure of vendor
   Uncover indications of ghost
    employees (e.g., N.O. Police
   Fraudulent expense reports (even
    amounts, $6).
   Repeated withdrawals of even
    amounts from petty cash.

          Computer Forensics
        “I need you to step away from your
computer please,” Lee Altschuler said.
Morgan Fay’s chief financial officer glanced up
from her computer screen. She regarded the
man standing at her office doorway for a
moment. “Excuse me?” Cindy Shalott asked.
“We’d like you to please conclude your
business for the day.” Lee Altschuler said. “I’d
appreciate it if you could complete whatever
you’re doing as quickly as you can. Please leave
your computer in the way that it is now. Don’t
turn it off.”
    The chief financial officer swung her desk
chair around.
   “Just move away from your computer
please,” Altschuler repeated.
   “Who are you?” Cindy Shalott asked.
Source: Joe Anastasi, The New Forensics, John Wiley & Sons, 2003, p. 91

                  Ink Analysis
   Martha Stewart was undone by a blue
    ballpoint pen.
   Stockbroker belatedly inserted a note to
    help cover up Ms. Stewart’s improper
    stock trading. Blue ballpoint ink used is
    different from ink elsewhere on the
    trading worksheet.
   Prosecutors used forensic ink analysis in
    Rite Aid case to show that certain
    documents were backdated (ink used to
    sign letter was not commercially available
    until 3 months after the letter was dated).
   Xerox laser printers now encode the serial
    number of each machine in tiny yellow
    dots in every printout, nestled within the
    printed words and margins. It tracks
    back to you like a license plate.
   Advice for fraudsters: use pencils.
Source: Mark Maremont, “In Corporate Crimes, Paper Trail
   Often Leads to Ink Analysts’ Door,” Wall Street J., July 1,
   2003, p. A-1.

        Deductive vs. Inductive
   Deductive: one goes from general to
    specific; fairly simple and economical.
   Inductive: one starts with specific
    experiences and then draws inferences.

Deductive Approach           Inductive Approach
Generic data mining          Custom data mining
Digital analysis             Analysis of all data
Discovery sampling
Generic software             Custom software
For smaller organizations    For larger organizations
Basic features               Sophisticated features
Easy to learn                Requires advanced skills
Relatively inexpensive       More expensive

Source: W.S. Albrecht and C.C. Albrecht, “Root Out
Financial Deception,” Journal of Accountancy (April 2002),
p. 33.
                    Benford’s Law
    Distribution of initial digits in natural numbers is not random
    Predictable patterns:

 0= -----                              12%                10.2%
 1= 30.1%                              11.4%              10.1%
 2= 17.6%                              10.9%              10.1%
 3= 12.5%                              10.4%              10.1%
 4= 9.7%                               10%                10%
 5= 7.9%                               9.7%               10%
 6= 6.7%                               9.3%               9.9%
 7= 5.8%                               9%                 9.9%
 8= 5.1%                               8.8%               9.9%
 9= 4.6%                               8.5%               9.8%
There is software to detect potentially invented numbers in many situations.
    Compare actual frequency with Benford’s frequency.

                 Benford’s Law Uses
   Investments sales/purchases
   Check register.
   Sales history/Price history.
   401 contributions.
   Inventory unit costs.
   Expenses accounts.
   Wire transfer information.
   Life insurance policy values.
   Bad debt expenses.
   Asset/liability accounts.

Source: Richard Lanza, “Digital Analysis- Real World Example,”
   IT Audit, July 1, 1999,pp. 1-9.

               Change the Join Property
The following scenarios illustrate the need for auditors to
   change the default join property to ensure their analysis
   includes all transactions, even if there are no matches in
   the master data:

   Allen is a database administrator. He is authorized to
    manage the company’s ERP software and has been
    granted update access to the application database.
    Using his access privileges, he added a shell company to
    the vendor table. Periodically, he added a record to the
    table of approved invoices. On the entered due date, the
    check was prepared and sent to the “vendor’s” (Allen’s)
    address. When the auditor requested purchasing data,
    Allen handled the request. He then used his access
    privileges to remove the vendor record before sending
    the data to the auditor

    Beth works in accounts payable. Although she is
    responsible for processing checks, a flaw in her
    application access permissions has also given her the
    ability to perform vendor maintenance that, within a
    certain application, grants her update and delete
    authority to all vendor data. Recognizing the fraud
    opportunity of this internal control weakness, Beth
    created several shell companies to which she
    periodically processed checks sent to the fictitious
    vendor’s (Beth’s) address. Before the audit team arrived,
    Beth deleted her shell companies.

Source: M.W. Lehman, “Join the Hunt,” J. of Accountancy,
  September 2008, p. 47.
      Some Uses of Picalo

 Analyzing financial data, employee
  records, and purchasing systems
  for errors and fraud
 Importing Excel, XML, EBCDIC,
  CSV, and TSV files into databases
 Interactively analyzing network
  events, web server logs, and
  system login records
 Importing email into relational or
  text-based databases
 Embedding controls and fraud
  testing routines into production

        Picalo Architecture

   Detectlets allow non-programmers to run
    analysis routines created by others   .
         Computer Aided Audit Applications
Accounts Receivable Applications

   Identify duplicate invoices, credits, or receipts.
   Detect variances between delivery documents and
   Report gaps in a sequence of generated invoices.
   Identify customer accounts with no address,
    telephone, or tax ID.
   Identify credits to dormant or unused accounts.
   Identify duplicate return transactions.
   Extract sales with discounts over a specified
    percentage and summarize by employee.
   List the top 10 employees by cash register
    adjustments (discounts, refunds, sales voids).
   Identify employees who produced cash register
    adjustments a specified percentage more than the
    average employee.
   Summarize refunds by customer credit card number.
   Identify refunds for amounts greater than the selling
   Calculate the number and amount of refunds by sales

Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
Forensic Accounting, Vol. VIII (2007), pp. 414-415.
     Computer Aided Audit Applications (cont.)
Accounts Payable Applications

   Compare vendor addresses/ phone numbers to those
    of employees.
   Identify credits given outside discount terms.
   Identify cash discounts not taken.
   Identify checks issued to vendors with names that
    sound similiar to known vendors.
   Extract all round dollar payments.
   Identify payments to vendors with blank information.
   Identify vendors with activity only in one month of the
   Identify duplicate payments.
   Extract duplicate invoices.
   Extract invoices with a valid purchase order.
   Extract multiple invoices with the same item
   Identify vendors with duplicate invoice numbers.
   Identify invoices for the same amount on the same
   Identify sequential invoices.
   Identify new or non-approved vendors.
   Identify vendors with an address that is a mail drop.

Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
Forensic Accounting, Vol. VIII (2007), pp. 414-415.
     Computer Aided Audit Applications (cont.)

Materials Management and Inventory Control

    Identify items with below standard gross
    Calculate standard pricing variances.
    Identify negative receipt quantities.
    Identify duplicate items or serial numbers.
    Calculate shortages/ overages by ordering and
     receiving agent and by vendor.
    Identify purchase orders with blank or zero
    Identify purchases of consumer items.

    Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
    Forensic Accounting, Vol. VIII (2007), pp. 414-415.
     Computer Aided Audit Applications (cont.)

Payroll Applications

    Identify duplicate direct deposit numbers.
    Identify duplicate employee names,
     addresses, and phone numbers.
    Identify false, invalid, or duplicate Social
     Security numbers.
    Identify employees with no deductions.
    Identify employees with no time off for
     vacations or sick leave.

    Source: D.E. Mensel, “Using Computers to Detect Fraud,” J. of
    Forensic Accounting, Vol. VIII (2007), pp. 414-415.
               Spreadsheet Fraud
   Spreadsheets can be excellent tools
    for committing fraud.
   There is little or no security in
    controlling changes within the
   Aside from fraud, they are ripe
    grounds for errors because of their
    open nature for change.
   For examples, see European
    Spreadsheet Risks Interest Group:

Source: R. B. Lanza, “The Spreadsheet: The Easiest Place for
   Committing Financial Statement Fraud,” Fraud Magazine,
   July/August 2005, p. 15.

          Some Spreadsheet Frauds
   AIB/Allfirst Trading Fraud – The fraudster
    substituted links to his private manipulated
    spreadsheet which exaggerated bonuses by
    more than half a million dollars.
   HealthSouth – Two ex-HealthSouth
    executives admitted that they prepared a
    false spreadsheet for auditors that inflated
    HealthSouth’s assets and made the
    company appear to be worth more than it
   CFX – The Internal Audit Department noted
    in its investigation that management created
    spreadsheets showing desired results first
    and then adjustments were made to the
    accounting system to match the

Source: R. B. Lanza, “The Spreadsheet: The Easiest Place for
    Committing Financial Statement Fraud,” Fraud Magazine,
    July/August 2005, p. 15.

     Combating Spreadsheet Fraud

 Use techniques native in
  Microsoft Excel [enormous
  resources, time, money,
 EXChecker™ (does not allow
  any editing to the Excel

Source: R. B. Lanza, “The Spreadsheet: The
  Easiest Place for Committing Financial
  Statement Fraud,” Fraud Magazine,
  July/August 2005, p. 15.

         When Benford Analysis Is or Is Not Likely
  When Benford Analysis is Likely Useful                            Examples
Sets of numbers that result from                       Accounts receivable (number
mathematical combination of numbers-                   sold times price). Accounts
Result comes from two distributions.                   payable (number bought
                                                       times price).
Transaction-level data – No need to sample.            Disbursements, sales,
On large data sets – The more observations,            Full year’s transactions.
the better.
Accounts that appear to conform – When                 Most sets of accounting
the mean of a set of numbers is greater than           numbers.
the median and the skewness is positive.
When Benford Analysis Is Not Likely                                 Examples
Data set is comprised of assigned numbers              Check numbers, invoice
                                                       numbers, zip codes.
Numbers that are influenced by human                   Prices set at psychological
thought.                                               thresholds ($1.99), ATM
Accounts with a large number of firm-                  An account specifically set up
specific numbers.                                      to record $100 refunds.
Accounts with a built in minimum or                    Set of assets that must meet a
maximum.                                               threshold to be recorded.
Where no transaction is recorded.                      Thefts, kickbacks, contract

Source: Durtschi, Hillison, and Pacini, “The Effective Use of Benford’s Law to Assist in
Detecting Fraud in Accounting Data,” J. of Forensic Accounting, Vol. V, 2004, p. 24.
Fraudulent Tax Returns

         IRS’s Forensic Analysis
IRS  Commissioner Mark W. Everson said that the role of
the IRS in the HealthSouth matter was to trace the flow of
money. “IRS agents in this case used the same
comprehensive financial analysis that we use in criminal
tax investigations to document million of dollars in
transactions through dozens of financial institutions,
including banks and brokerage firms,” Everson said.
“The IRS will use its financial expertise to help the
government hold accountable those executives who
engage in fraud,” Everson said. “Our investigation supports
the money-laundering charges as well as the forfeiture
counts against Mr. Scrushy involving a staggering sum of
money – over a quarter of a billion dollars – which he
accumulated during a seven-year period,”
“This money went to support a lavish lifestyle, one few
Americans could possibly imagine,” the Commissioner
continued. “With his ill-gotten gains, Mr. Scrushy
purchased multiple estates, racing and leisure boats, fine
art by such artists as Picasso, Miro, and Renoir, cars
including a Lamborghini and a Rolls-Royce, and
extravagant jewelry, such as a 22-carat diamond ring.”

Source: Amy Hamilton, “Everson Publicizes Criminal
Charges Against HealthSouth CEO,” Tax Notes, November
10, 2003, p. 671.

Market Segment Specialization

The Market Segment Specialization
Program focuses on developing highly
trained examiners for a particular market
segment. An integral part of the approach
used is the development and publication
of Audit Technique Guides.

These Guides contain examination
techniques, common and unique industry
issues, business practices, industry
terminology, and other information to
assist examiners in performing
examinations. A forensic accountant can
use this resource to learn about a
particular industry.
       Acquisition/Payment Cycle
From 62 standard audit procedures, external and
internal auditors judged these 20 procedures to be
more efficient is detecting fraud in the acquisition and
payment cycle (in descending order).
• Examine bank reconciliation and observe whether
they are prepared monthly by an employee who is
independent of recording cash disbursement or
custody of cash.
• Examine the supporting documentation such as
vendor’s invoices, purchase orders, and receiving
reports before signing of checks by an authorized
• Examine the purchase requisitions, purchase orders,
receiving reports, and vendors’ invoices which are
attached to the vouchers for existence, propriety,
reasonableness and authenticity.
•Examine internal controls to verify the cash
disbursement are recorded for goods actually rendered
to the company.
•Discuss with personnel and observe the segregation
of duties between accounts payable and custody of
signed checks for adequacy.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205                   373
          Acquisition/Payment Cycle (Contd.)
• Confirm inventories in public warehouse and on
•Examine internal controls to insure the vendor’s
invoices, purchase orders, and receiving reports are
matched and approved for payment.
• Examine internal controls for the following
documents: vendor’s invoices, receiving reports,
purchase orders, and receiving reports.
• Trace a sample of acquisitions transactions by
comparing the recorded transactions in the purchase
journal with the vendor’s invoices, purchase
requisitions, purchase orders, and receiving reports.
• Establish whether any unrecorded vendors’ invoices
or unrecorded checks exist.
• Examine the internal control to verify the proper
approvals of purchase requisitions and purchase
• Reconciled recorded cash disbursement with
disbursements on bank statements.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205                   374
        Acquisition/Payment Cycle
• Discover related party transactions.
• Examine the internal control to verify the approvals
of payments on supporting documents at the time that
checks are signed.
• Discuss with personnel and observe the procedures
of examining the supporting documentation before the
signing of checks by an authorized person.
• Examine canceled checks for authorized signatures,
proper endorsements, and cancellation by the bank.
• Account for the numerical sequence of pre-
numbered documents (purchase orders, checks,
receiving reports, and vouchers).
• Trace a sample of cash payment transactions.
• Trace resolution of major discrepancy reports.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205
             Sales/Collection Cycle
These 10 standard audit procedures were judged as
being more effective for detecting fraud in the sales
and collection cycle (in descending order)
• Observe the proper and appropriate segregation of
• Review monthly bank reconciliation and observe
independent reconciliation of bank accounts.
• Investigate the difference between accounts
receivable confirmation and customer account
receivable balances in the subsidiary ledger and
describe all these exceptions, errors, irregularities, and
• Review sales journal, general ledger, cash receipts
journal, accounts receivable subsidiary ledger, and
accounts receivable trial balance for large or unusual
• Verify accounts receivable balance by mailing
positive confirmations.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud
Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic
Accounting, Vol. 4, 2003, p. 209                                           376
          Sales/Collection Cycle (Contd.)

• Examine internal controls to verify that each
cash receipts and credit sales transactions are
properly recorded in the accounts receivable
subsidiary ledger.
• Examine subsequent cash receipts and the
credit file on all accounts over 120 days and
evaluate whether the receivable are collectible.
• Compare dates of deposits with dates in the
cash receipts journal and the prelisting cash
• Examine copies of invoices for supporting the
bills of lading and customers’ orders.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting, Vol. 4, 2003, p. 209
      Inventory/Warehouse Cycle
          These 14 standard audit procedures were
judged by external and internal auditors as being more
effective for detecting fraud in the inventory and
warehousing cycle (in descending order):
• Discover related party transactions.
• Follow up exceptions to make sure they are resolved.
• Review major adjustments for propriety.
• Review inventory count procedures: a. Accounting for
items in transit (in and out); b. Comparison of counts with
inventory records; and c. Reconciliation of difference
between counts and inventory records.
• Review adequacy of physical security for the entire
• Confirm inventories in public warehouse.
• Review procedures for receiving, inspecting, and storing
incoming items and for shipments out of the warehouses.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 206-207

  Inventory/Warehouse Cycle (Contd.)
• Trace shipments to sales records, inventory records,
and bill of lading (shipping documents).
• Determine if access to inventory area is limited to
approval personnel.
• Observe the physical count of all location.
• Recount a sample of client’s counts to make sure the
recorded counts are accurate on the tags (also check
descriptions and unit of count, such as dozen or gross)
• Trace inventory listed in the schedule to inventory
tags and the auditor’s recorded counts for existence,
descriptions, and quantity.
• Trace shipments to sales journal.
• Perform compilation tests to insure that inventory
listing schedules agrees with the physical inventory

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 206-207.
          Payroll/Personnel Cycle
These 12 standard audit procedures were judged the
more effective for detecting fraud in the payroll and
personnel cycle (in descending order):
• Sample terminated employees and confirm that they are
not included on subsequent payrolls and confirm propriety
of termination payments.
• Observe the actual distribution of payroll checks to the
• Observe the duties of employees being performed to
insure that separation of duties between personnel,
timekeeping, journalizing payroll transactions, posting
payroll transactions, and payroll disbursement exists.
• Examine internal controls to verify that hiring, pay rates,
payroll deductions, and terminations are authorized by the
personnel department.
• Sample personnel files and physically observe the
presence of personnel in the work place.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 208.
        Payroll/Personnel Cycle (Contd.)
• Examine internal control over payroll records
to verify that payroll transactions are properly
• Discover related party transactions.
• Review the files of new hires for appropriate
approvals, pay rates, and dates of accession.
• Review the payroll journal, general ledger, and
employee individual pay records for large or
unusual amounts.
• Examine internal controls to verify that
unclaimed payroll checks are secured in a vault
or safe with restricted access.
• Examine internal controls to verify that
employee time cards and job order work tickets
are reconciled.
•Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 208.                     381
                  Class Discussion

     How can you defraud your
own organization, working either
from the inside or outside?


“Fraudsters … identify and exploit
weaknesses specific to the

Herling, D.J., and J. Turner, “Fraud: Effective Use of Legal Remedies for
Corruption,” 9th International Anti-Corruption Conference, October 13, 1999.
PowerPoint presentation slide 56. http://

1.   You receive a tip on the company’s hot line that
     there has been some fraud in the collections
     area. What five audit steps would you suggest
     using in order to find the fraud?
2.   During a brainstorming session, a suggestion is
     made that the most likelihood of fraud in a
     particular division is in the area of acquisition
     and payment cycle. Outline five audit steps to
     help find any potential fraud.
3.   While auditing a company you notice an
     employee in payroll who is living beyond his
     means (e.g., clothes, automobiles, housing). His
     wife does not work. Suggest six audit steps to
     help satisfy you there is no fraud in the payroll
     and personnel cycle.
4.   An anonymous e-mail is sent to an internal
     auditor that there is fraud in the inventory/
     warehousing cycle. Suggest some appropriate
     audit steps.
5.   What is meant by the hockey stick pattern?

The End Is


Shared By:
yaohongm yaohongm http://