Forensic Accounting EJ Ourso College of Business Louisiana by jolinmilioncherie

VIEWS: 29 PAGES: 367

									          Forensic Accounting: Strategies for
            Detecting & Controlling Fraud

             D. Larry Crumbley, CPA, Cr.FA, CFFA, FCPA
                      KPMG Endowed Professor
                     Department of Accounting
                      Louisiana State University
                       Baton Rouge, LA 70803
                         225-578-6201 Fax

Dr. Crumbley is the
  Editor of the Journal of Forensic Accounting: Auditing,
Fraud, and Risk,
  Former chair of the Executive Board of Accounting
Advisors of the American Board of Forensic Accountants,
  Member of the NACVA’s Fraud Deterrence Board, and
  On the AICPA’s Fraud Task Force (2003-2004).
A frequent contributor to the Forensic Examiner and
Value Examiner, Professor Crumbley is a co-author of
CCH Master Auditing Guide, along with more than 50
other books and 350 articles. His latest book entitled
Forensic and Investigative Accounting is published by
Commerce Clearing House (800-224-7477). Some of his
12 educational novels have as the main character a
forensic accountant. His goal is to create a television
series based upon the exciting life of a forensic
accountant and litigation consultant.

Forensic Report

          TALLY STICKS

“External auditors come down the hill
after the battle and bayonet the
wounded. Forensic accountants are the
guys who follow behind them, going
through the soldiers’ pockets looking for
                    Puff Adder

“What the use of finger prints was to the 19th century and DNA
analysis was to the 20th, forensic accounting will be to the 21st

      - Gordon Brown, Chancellor of the Exchequer, 10 October 2006.

                     Glimpse Forward

 Introduction to Forensic Accounting
 Risk Assessment and Fraudulent Financial Reporting
Misappropriation of Assets
Forensic Accounting Processes and Techniques
Computer Forensics
Problem-based learning case study

Now John at the bar is a friend of mine.
He gets me my drinks for free.
Sing us a song, you’re the piano man.
                                                          “Piano Man”Billy Joel

       Some Fraud Figures
  Australia’s annual fraud, 2003, $5.8 billion
or 1.147% of GDP.
 Malaysia’s telecom operators lose 3% of
revenue to fraud each year.
 A KPMG Malaysian survey found that more
than a third of the polled companies lost over
RM 1 million from fraud in 2 years.
 Fraud and abuse in U.S. is $652 billion to
$1 trillion annually.
 The quantity of corruption crimes has
continued to rise in China after the market
liberalizations in 1978 (because so much
more money involved).
 An employee at the Australian mint stole
$100,145 over ten months by hiding bills and
coins in his lunch box and boots. He carried
away on an average 150 coins in each boot
every day.

         Fannie Mae Forensic Probe

   BOD hired investigators who cleared the
    current management of Fannie Mae of
    knowingly participating in any
   The report took 17 months; 616 pages
    plus 2,000 plus pages of supporting
   Cost of $60 million to $70 million.
   The fraud was estimated to be $11
   Former N.H. Senator Warren Rudman
    used The Huron Consulting Group.

    Definition of Forensic Auditor

Someone who can look behind the
facade--not accept the records at
their face value--someone who has
a suspicious mind that the
documents he or she is looking at
may not be what they purport to be
and someone who has the
expertise to go out and conduct
very detailed interviews of
individuals to develop the truth,
especially if some are presumed to
be lying.
  Robert G. Roche, a retired chief of the IRS Criminal Investigation
Division of the IRS

    Narrow vs. Broad Definition

 Narrow: Fraud detection is major

 Broad: Employed to seek, interpret,
and communicate transactional and
reporting event evidence in an
objective, legally sustainable fashion,
not only in situations where there are
specific allegations of wrongdoing, but
also in situations where interested
parties judge that the risk of loss from
wrongdoing is such that proper
prudence requires legally sustainable
evidence to support the conclusion that
no wrongdoing is occurring (James

             Narrow Approach


       Internal and
     Auditing                                        Accounting
                                                     Litigation Matters
     Risk Assessment
                                                     and Investigations
     Internal controls
      Audit Evidence

                         Prevention and Deterrence

U.S. Dept. of Justice, Education and Training in Fraud
and Forensic Accounting: A Guide for Educational
Institutions, Stakeholder Organizations, Faculty and
Students, Draft Copy, December 23, 2005.
             Broad Approach

“I liken it to ‘CSI’ or ‘Law & Order,’ but instead of
figuring out the trajectory of a bullet, you’re trying to
find out how a transaction occurred.”
          Terry McCarthy
Definition of Forensic Accounting
   Forensic accounting is the application of
   accounting, tax, auditing, finance,
   quantitative analysis, investigative and
   research skills, and an understanding of
   the legal process for the purpose of
   identifying, collecting, analyzing, and
   interpreting financial or other data or
   issues in connection with:
1) Litigation services: providing assistance for
   actual, pending or potential legal or
   regulatory proceedings before a trier of fact
   in connection with the resolution of disputes
   between parties, or
2) Non-litigation       services:     performing
   analyses or investigations that may require
   the same skills used in 1, above, but may not
   involve the litigation process.

   Definition of Forensic
Accounting Litigation Service
 Forensic accounting litigation
 services are the professional
 assistance accountants provide
 related to the litigation process.
 These services may involve
 accounting, financial, auditing, tax,
 quantitative      analysis,      and
 investigative and research skills, as
 well as an understanding of the
 legal process to provide assistance
 for actual, pending, or potential
 legal or regulatory proceedings
 before a trier of fact in connection
 with the resolution of a dispute
 between parties.                        13
   Definition of Forensic
 Accounting Non-Litigation
  Forensic accounting non-litigation
services are the professional assistance
accountants provide not related to the
litigation process. These services may
involve accounting, financial, auditing,
tax,     quantitative   analysis,    and
investigative and research skill as well
as an understanding of the legal process
to provide assistance in connection with
matter or issues not involving the
litigation process.

“You’re trying to piece together a puzzle where you
do not have the picture on the box to know what it’s
going to look like. The facts are not settled, and actually
it’s the facts that are in dispute.”
           Andrew Bernstein                                   14
                    Short History
1. Late 1800’s – Find fraud
2. 1930’s- Puff Adder –encyclopedia
3. 1933-1934-independent audits
4. 1950’s-Eighth edition Montgomery auditing reduced formal
   stress on fraud detection.
5. January 1957- H.W. Bevis, AR, questioned the benefit of
   discovering minor employee thefts.
6. 1960s-auditors claimed no responsibility.
7. Financial audits: Consistency.
8. Audit surveillance: test of details (disappeared).
9. Stock market bubble
10. Panel on Audit Effectiveness (2000)
11. Enron/ WorldCom/ Parmalat/ HealthSouth
12. Sarbanes-Oxley/ PCAOB
13. SAS No. 99

  Transparency International Corruption Perceptions Index 2006
Country Rank   Country                      2006 CPI Score   Surveys used   Confidence range

     1         Finland                           9.6              7             9.4 - 9.7

               Iceland                           9.6              6             9.5 - 9.7

               New Zealand                       9.6              7             9.4 - 9.6

     4         Denmark                           9.5              7             9.4 - 9.6

     5         Singapore                         9.4              9             9.2 - 9.5

     6         Sweden                            9.2              7             9.0 - 9.3

     7         Switzerland                       9.1              7             8.9 - 9.2

     8         Norway                            8.8              7             8.4 - 9.1

     9         Australia                         8.7              8             8.3 - 9.0

               Netherlands                       8.7              7             8.3 - 9.0

    11         Austria                           8.6              7             8.2 - 8.9

               Luxembourg                        8.6              6             8.1 - 9.0

               United Kingdom                    8.6              7             8.2 - 8.9

    14         Canada                            8.5              7             8.0 - 8.9

    15         Hong Kong                         8.3              9             7.7 - 8.8

    16         Germany                            8               7             7.8 - 8.4

    17         Japan                             7.6              9             7.0 - 8.1

    18         France                            7.4              7             6.7 - 7.8

               Ireland                           7.4              7             6.7 - 7.9

    20         Belgium                           7.3              7             6.6 - 7.9

               Chile                             7.3              7             6.6 - 7.6

               USA                               7.3              8             6.6 - 7.8

    151        Belarus                           2.1              4             1.9 - 2.2

               Cambodia                          2.1              6             1.9 - 2.4

               Côte d´Ivoire                     2.1              4             2.0 - 2.2

               Equatorial Guinea                 2.1              3             1.7 - 2.2

               Uzbekistan                        2.1              5             1.8 - 2.2

    156        Bangladesh                         2               6             1.7 - 2.2

               Chad                               2               6             1.8 - 2.3

               Congo, Democratic Republic         2               4             1.8 - 2.2

               Sudan                              2               4             1.8 - 2.2

    160        Guinea                            1.9              3             1.7 - 2.1

               Iraq                              1.9              3             1.6 - 2.1

    160        Myanmar                           1.9              3             1.8 - 2.3

    163        Haiti                             1.8              3             1.7 - 1.8

          States Corruption Index

Most corrupt:         Least corrupt:

1.    Mississippi     1.    Nebraska
2.    North Dakota    2.    Oregon
3.    Louisiana       3.    New Hampshire
4.    Alaska          4.    Iowa
5.    Illinois        5.    Colorado
6.    Montana         6.    Utah
7.    South Dakota    7.    Minnesota
8.    Kentucky        8.    Arizona
9.    Florida         9.    Arkansas
10.   New York        10.   Wisconsin

Forensic Accounting Factors

   Time: Forensic accounting focuses
    on the past, although it may do so
    in order to look forward (e.g.,
    damages, valuations).
 Purpose: Forensic accounting is
    performed for a specific legal forum
    or in anticipation of appearing
    before a legal forum.
 Peremptory: Forensic accountants
    may be employed in a wide variety
    of risk management engagements
    within business enterprises as a
    matter of right, without the
    necessity of allegations (e.g.,
            With a single clue a forensic
    accountant can solve a fraudulent
                  One Small Clue
A former Scotland Yard scientist tried to
create the world’s biggest fraud by
authenticating $2.5 trillion worth of fake U.S.
Treasury bonds.
When two men tried to pass off $25 million
worth of the bonds in Toronto in 2001, a
Mountie noticed the bonds bore the word
“dollar” rather “dollars.”
Police later raided a London bank vault and
discovered that the bonds had been printed
with an ink jet printer that had not been
invented when the bonds were allegedly
Zip codes were used even though they were
not introduced until 1963.
Sue Clough, “Bungling Scientist Is Jailed for Plotting World's Biggest
Fraud,”, January 11, 2003.

    Forensic Accounting Areas

Investigative Auditing
Litigation Support

Forensic: Latin for “forum,”
referring to a public place or court.

Black’s Law Dictionary: Forensic,
belonging to the courts of justice.

Note: Corporate spooks are used to check on

                            Forensic Auditing
       Forensic auditing is a type of auditing
that specifically looks for financial
misconduct, and abusive or wasteful activity.
       It is most commonly associated with
gathering evidence that will be presented in a
court of law as part of a financial crime or a
fraud investigation.

Source: B.L. Derby, “Data Mining for Improper Payments,” Journal of Government
Financial Management, Winter, 2003, pp. 10-13
“ Forget the stuffed white shirt, forensic
accountants are more parts Philip Marlowe
than Casper Milquetoast. They open the
books and crack the code, transforming a
dull science of numbers into a suspenseful
mystery with a logical, even riveting
                                                                  Cory Johnson

            Top Niche Services

1. Attest Services                  87%
2. Business Valuations              82%
3. Estate/ Trust/ Estate Planning   82%
4. Forensic/Fraud                   75%
5. Litigation Services              75%
6. International Tax                72%
11. Personal Financial Planning     57%
14. SOX Compliance                  53%
15. Technology consulting           53%

Source: Accounting Today (2008).

    Forensic Accounting vs. Fraud
Forensic Accountant: A forensic
accountant may take on fraud auditing
engagements and may be a fraud
auditor, but he or she will also use
other accounting, consulting, and legal
skills in broader engagements. In
addition to accounting skills, he or she
will need a working knowledge of the
legal system and excellent
communication skills to carry out
expert testimony in the courtroom and
to aid in other litigation support
Crumbley, Heitger, Smith, Forensic and Investigative Accounting (CCH)

             AICPA’s Position
  Public accounting firms could use forensic
accountants to help revise their approach to planning
and fieldwork on all audits, while requiring forensic
accountants only on high risk audit clients to aid in the
interpretation of forensic testing results and preventive
control enhancements.

 Does not require auditors to carryout specific forensic
procedures, but rather provide guidance on how to
include forensic techniques within processes outlines in
SAS 99. This combination will enhance the detection and
prevention of fraudulent financial statement reporting
and misappropriation of assets; thus protect investors
and financial statement users.

 The inclusion of audit procedures focused towards
detecting misappropriation of corporate assets may lead
to the identification of weaknesses within corporate
governance or control weaknesses. Frauds that are
identified which represent a material misappropriation of
assets could significantly impact public perception.

      AICPA’s Position (cont.)
 Professional forensic accountants can best be
used by ensuring such procedures are properly
developed and executed in-line with internal audit
and audit committee concerns. Forensic accountants
could then be engaged in high-risk situations, or
when a fraud is suspected.
 Companies should not use the forensic services of
their outside audit firm, unless it pertains to the
annual audit.
 Putting a price on a substantive test or forensic
auditing procedure may be smart for business;
however, the inherent risk is that short-cuts geared
towards reducing audit costs may eventually cause
investors to question the companies’ true financial

    AICPA – Discussion Memo Question Responses

                     Big-Six's Position
   A forensic audit is akin to a police investigation.

 All public companies should have a forensic
audit on a regular basis. Companies would be
required to have such an audit every three or five
years or face these audits on a random basis.

 Forensic auditors scrutinize all records of
companies, including emails, and would be able, if
not required, to question all company employees,
and to require statements under oath.

 Might be necessary for an audit network or a
specialized forensic auditor to complete a forensic
audit with the aid of independent attorneys (not
these who have represented the audit client in the
other engagements).

Source: “Serving Global Markets and the Global Economy: A View from the CEOs of
the International Audit Networks, November 2006, p. 13.

                         Forensic vs. Fraud Audit

Google result, February 11, 2007
               Forensic Audit, 208,000 hits
               Fraud Audit, 64,500 hits
               Fraud Examination, 74,800 hits
               Fraud Accounting, 45,200 hits
               Forensic Accounting, 1,050,000 hits
               Fraud Investigation, 932,000
               Forensic Investigation, 512,000
               Fraud Auditing, 83,500
I don’t care what they say, but [forensic
    accounting] is here to stay.
                                                                                Danny & the Juniors

I see skies of blue and clouds of white, and I
    think to myself, what a wonderful world.
                                                                                Louis Armstrong

Specialties Within Forensic
and Investigative Accounting

   Employee Crime Specialist.
   Asset Tracing Specialist.
   Litigation Services Specialist and
    Expert Witness.
   Insurance Claims.
   Valuation Analysis.
   False Claims Act Violations.
   Due diligence investigations.

                         Asset Tracing
 Three Italian lawyers said in a filing to be
   presented to a bankruptcy court that they had
   traced $7.7 billion in missing Parmalat funds.
“We are preparing a filing in which we are asking
   for the insolvency status to be revoked
   because the money was robbed and not lost,”
   lawyer Carlo Zauli told Reuters.
But he said it would be an illusion to believe
   proof of electronic transfers of the funds could
   be found and the lawyers representing the
   Parmalat Creditors Committee did not say
   where the money was being held or if it was
An Italian website, TGfin (, said a
   company linked to Parmalat founder Tanzi was
   holding the funds in the form of U.S. bonds in
   an account with Bank of America.
Source: Emilio Parodi and Stefano Bernabei, “Wrap-up 2: Paramalat Fraud Probe Widens
    to Auditors, Ex-Banker, “, January 8, 2004.

       Finding Unreported
     Income/Hidden Assets

1.     Look at the lifestyles.
2.     Look at the expenses.
3.     Look at the cash flow.
4.     Look at the business
5.     Look at the industry ratios.
6.     Consider using private
7.     Use the net worth method.

Mark Kohn, “Unreported Income and Hidden Assets,” Forensic
       Accounting in Matrimonial Divorce, Philadelphia: R.T.
       Edwards, 2005, pp.49-57.

                      Fiction v. Reality

           The main difference between fiction and
     reality is that instead of using mask and gun,
     today’s villains use mouse and keyboard.
     Instead of hiding behind a lamppost in a trench
     coat and fedora, today’s forensic accountants
     are more likely to be hiding behind their own
     computers, searching for clues amid mountains
     of data.
       Source; “Book ‘EM! Forensic Accounting in History and
       Literature,” The Kessler Report, Vol.1, No. 2.

     “Every investigation I did as a prosecutor, you
     have a particular target, but it always branches
     off because something else gets your attention.
     And that’s what is going to happen with a
     forensic accountant.”
               Tom Carlucci:
               E-library Rueter Library September 20, 2002

         Forensic Techniques Become Popular

“In many of the large accounting blow-ups, auditors knew
what was happening,” says Charles Niemeir, “but they
were willing to look the other way.”

There is a need to provide “incentives for people finding
problems,” says Douglas Carmichael. “Right now there
are no incentives for finding problems, and one who does
is treated as a trouble maker.”

Source: Cassell Bryan Low, “Accounting Firms Attempts to
Dispel the Cloud of Fraud,” Wall Street J., May 27, 2003.

  Doug Carmichael, Chief Auditor for Peek-uh-boo,
   faults auditors for not adopting forensic
  Carmichael wishes more “test of details,” not
   relying on test of controls.
  He wishes more shoe-leather work.
  Shoe-leather work is what we do!

Kris Frieswick, “How Audits Must Change,” CFO July
2003, p.48

                  Popular (cont.)

   E&Y’s forensic accounting team is comprised of
    350 practitioners in the U.S. alone, and focuses
    on strategies to mitigate and manage conflict in
    bankruptcy disputes, financial and economic
    damages, fraud and investigations, government
    contracts and grants, insurance claims,
    intellectual assets, and legal technology.

   Deloitte’s forensic accounting expertise includes
    anti-money laundering, the Foreign Corrupt
    Practices Act, purchase price disputes,
    arbitrations, construction fraud, health care fraud,
    construction oversight, intellectual property theft,
    and misdirected royalty revenues, to name just a

    They have forensic labs in nine major cities across
    the U.S. and an additional 18 cities around the
    world, including Hong Kong, London, Amsterdam,
    Frankfurt, Cape Town and Melbourne.” All FAS
    labs meet the FBI’s chain of custody
    requirements. “They are secure, state-of-the-art,
    and house advanced systems for storing and
    accessing data, including dedicated servers and
    fire-resistant safes.

Stuart Kahan, “Sherlock Holmes Enters Accounting,” WebCPA,
    February 11, 2007.                                       33
      Forensic Accountants
“Rather than combing torn clothing,”
forensic accountants “comb through
corporate books, looking for oddities
that could signal swindles,” says
Bruce Dubinsky. Investigations can
be extremely complex, with crates
and crates of documents and
thousands of computer files.
Investigators look for flags or
patterns that would not normally

Source: Mark Maremont, “Tyco Is Likely to Report
New Woes,” Wall Street Journal, April 30, 2003, p.

   Deutsche Bank is being sued for $1.3 billion by
    Bruce Winston (one of the heirs of Harry Winston
    diamond dynasty) for priceless gems
    disappearing from a trust under their control.
   A Burlington, Kentucky city finance director is
    accused of embezzling more than $1.2 million to
    support his estranged wife and his girlfriend.
   Martin Frankel vanished with between $200
    million in cash and diamonds one day. He
    accomplished this insurance fraud by buying
    poorly capitalized insurance companies, cooking
    the books to show increased premium value, and
    by including non-existing real estate and leases
    on the balance sheet.
   Bank of China’s Mr. Wu allegedly embezzling up
    to $18 million from a bank branch, using
    improper bills of exchange. BoC has a number of
    cases involving the embezzlement of $737
    million from branches in the Southern
    Guangdong Province.
   A U.S. Lime officer embezzled nearly $2.2 million
    by forging signatures of other company officers
    on checks, and falsifying the company’s check
    register to create the impression that the
    amounts he received went to U.S. Lime creditors.

                Potpourri (contd …)

   The Chairman of Hyundai Motor, Chung Mong-
    Koo, was sentenced in February 2007, to 3
    years in prison for embezzlement ($100
    million) and breach of trust at South Korea’s
    largest carmaker.
   Spanish authorities shut down Afinsa’s Forum
    stamp-investing programs with several
    hundred thousand of small investors. Alleged
    investments in overvalued stamps and
    suspected pyramid scheme. Eight officials
   In 2000, Rent Way’s CAO artificially reduced
    the company’s expenses by $127 million.
   WorldCom’s external auditors missed about
    $11 billion improperly booked items.
   Ahold NV, a Dutch company, said a U.S. unit
    had overstated revenues by $880 million by
    booking more discounts from suppliers than
    actually received.
   One Philippine peso coin has the same size as
    1 dirham, but worth only 7 fils. Thus, dispense
    machine fraud.
         Auditors Blamed: Deep Pockets

Trustee   for United Companies (UC) said that
Deloitte and Touche was guilty of negligence,
malpractice, misrepresentation, breach of duty,
and fraud.
D & T failed to warn United Companies of all of
the losses it would absorb if the people who took
out the loans defaulted, because the accounting
firm was making millions and millions of dollars in
Loan practice called securitization or bundled
high-interest loans.
$685 million in liability damages.
Plaintiff’s Attorney: Role of auditors is to act as
watchdogs for companies. “A good watchdog
barks when somebody comes into the yard. D & T
is supposed to bark when there is a problem.”
Defendant’s Attorney: “The problem was much
larger than a watchdog could handle. Can a
watchdog stop your house from getting hit by a
hurricane? Of course not.”
Source: Adrian Angelette, “Auditors Blamed, “Baton Rouge Advocate, October
23, 2003, pp. A-1 and a-8

              Auditors Blamed (cont.)

As  part of the securitization agreement,
UC agreed to pay the principal and interest
on defaulted loans.
Creditors contend that UC failed to
account for the interest it was paying, and
D&T should have caught the mistake
After UC wrote off $605 million in debt,
the company filed for bankruptcy.
 Confidential mid-court settlement.

Source: Adrian Angelette, “United Companies Settlement Reached,”
Baton Rouge Advocate, October 31, 2003, pp. A-1 and A-12

               Find It, or I’ll Sue
       Accountants must be attuned
to detecting fraud at every level of
service, including standard
accounting services, compilations,
reviews, and bank reconciliations. If
there is fraud and you don’t detect
it, you are going to be sued, and
you will likely lose, as the public
perception is the accountant is the
              Robert J. DiPasquale, Parsippany, N.J.

Source: H.W. Wolosky, “Forensic Accounting to the Forefront,”
Practical Accountant, February 2004, pp. 23-28.

 Forensic Accounting Knowledge Base



      Forensic Accountant

        Silk, Silk, Silk              40
  Threads of Forensic
Forensic accounting (or at
least accounting expert
witnessing) can be traced as
far back as 1817 to a court
decision. [Meyer v. Sefton]
In 1824, a young accountant
by the name of James
McCleland started business in
Glasgow, Scotland and issued
a circular that advertised
various classes of expert
witness engagements he was
prepared to undertake.
In 1856 in England, the audit
of corporations became
Investigative Accountants
Initially called investigative
accounting, many of the forensic
techniques, such as the net worth
method, were developed by IRS
agents to detect tax evaders.
 Infamous mobster, Al Capone, was
caught when Special Agents of the
IRS stepped in and charged him
with tax evasion.
 Accountants caused the crime
czar’s career to come to an end.

                   Al Capone Caper
        “Perhaps the most celebrated case
of an accountant nailing a famous
criminal was the case of Al Capone. For all
of Capone’s colorful history of violent
crime, the FBI could never gather enough
evidence to convict him until FBI agent
Eliot Ness had an idea.
        He gathered special agents of the
IRS to track the flow of cash from
Capone’s illicit activities. When the
mobster failed to pay taxes on those
earnings, the IRS nailed him for tax
        Capone went to jail and was never
a factor again. IRS recruitment posters
boast till this day: ‘Only an accountant
could catch Al Capone.’”
Source: “Book ‘Em! Forensic Accounting History and Literature,” The Kessler
Report, Vol. 1, No. 2.

Father of Forensic Accounting:

    Maurice E. Peloubet (1946)

        Max Lourie (1953)

        Robert Lindquist (1986)*

 * Repeated, First sentence in N. Brennan and J.
   Hennessy, Forensic Accounting, 2001, p. 5.

    The Essence of Forensic Accounting by
          Maurice Peloubet (1946):

“The preparation of data for and the
appearance before government agencies
as a witness to facts, to accounting
principles, or to the application of
accounting principles is essentially forensic
accounting practice rather than advocacy.”
Modern Version
“Let’s face it, we in the forensic profession
labor in an obscure corner of the vineyard.
We are the carefully selected, trusted,
highly trained guardians of one of the last
great secrets remaining on the face of the
earth - - the $600 billion [now $652], more
or less annual problem nobody knows

Joseph W. Koletar, Fraud Exposed, John Wiley &
Sons, Inc 2003, p. 228.

Be like

         Panel on Audit Effectiveness
   In 1998, the Public Oversight Board
    appointed the Panel on Audit Effectiveness
    to review and evaluate how independent
    audits of the financial statements of public
    companies are performed and to assess
    whether recent trends in audit practices
    serve the public interest.
   In 2000, the Panel issues a 200-page
    report, Report and Recommendations,
    which includes a recommendation that
    auditors should perform forensic-type
    procedures during every audit to enhance
    the prospects of detecting material
    financial statement fraud.
   Did not believe a GAAS audit should
    become a fraud audit.
   In all audits the degree of audit effort in
    forensic- type steps should be more than
    inconsequential [p. 24].

Required Forensic Audits Coming?

   The accounting profession may be
    making a strategic shift as they see that
    SAS No. 99 and the other rules are not
    protecting them from being the insurer
    of last resort.

   The Big Four along with Grant Thornton
    and BDO International recently released
    a report entitled “Serving Global Capital
    Markets and the Global Economy.”

   In the report, one of the things they are
    suggesting is for companies to have a
    forensic audit. Companies would be
    required to have such an audit every
    five years or face these audits on a
    random basis.

“Auditing Firms Urge New Ways to Detect Fraud,” News
    Staff. Posted on November 11, 2006.

     Fraud Strategies Differ
1.   Forensic Accountants
2.   Internal Auditors
3.   External Auditors
4.   Fraud Examiners
5.   Certified Fraud Deterrence
     Analysts (CFD) or CFFAs
6.   Forensic CPA Society (FCPA)

   The ACFE group indicates that in the
    private sector, a fraud investigation
    should not be conducted without
    proper predication.
   Examples: Anonymous tips,
    complaints, audit inquires, conflict of
   Thus, predication is the basis for
    undertaking a fraud investigation.
   Without predication, the target might
    be able to sue for real or imaginary

 Who Do You Call?

Detection v.

Proactive v.

  Three Classes of Controls
Preventive controls: These controls are first in line to
prevent errors, omissions, or security incidents from
occurring. Examples include controls that restrict access
to systems to authorized persons such as intrusion
prevention systems and firewalls, and integrity
constraints that are embedded within a Database
Management System. Most Efficient

Detective controls: These controls detect errors or
incidents that have eluded the preventative controls.
Examples include controls that test whether authorization
limits have been exceeded, or an analysis of activity in
previously dormant accounts. Important when preventive
controls weak. Examples include situations where the
transactions are derived from third party reports such as
sales reports from franchisees, warranty claims reported
by auto dealers, baggage claims reported by passengers
at airports, and reports of coupons or rebates redeemed
by redemption processors.

Corrective controls: These controls correct errors,
omissions, or incidents after detection. They vary from
simple correction of data-entry errors, to identifying and
removing unauthorized users from systems or networks.
Corrective controls are the actions taken to minimize
further losses.

Sources: IIA, 2005, Global Technology Audit Guide: IT Controls,
Altamonte Springs, Fl; M. J. Nigrini, “Monitoring Techniques
Available to the Forensic Accountants,” J. of Forensic
Accounting, Vol. 7, 2006, p. 322.

  Where Fraud Prevention and Security Meet

             Fraud Prevention               Security

      Compliance         Background Checks       Guards
      Data Mining for    Site Security Survey    Closed Circuit
      Fraud              Loss Prevention         TV
      Ethics Policy      Strategy                Swipe Cards
      Anonymous          Information Security    Locks
      Tip Line           Investigations          Fences
      Risk Assessment    Interviews              Badges
      Fraud Policy       Screening Tools for     Disaster
                         External Fraud          Recovery

Source: M.T. Biegelman and J. T. Bartow, Executive Roadmap to Fraud
    Prevention and Internal Controls, John Wiley, 2006, pp. 325-326.

    Balancing Risks and Controls

Excessive Risks

•   Loss of Assets
•   Poor Business Decisions
•   Noncompliance
•   Public Scandals
•   Increased Regulations

Excessive Controls

•    Increased Bureaucracy
•    Reduced Productivity
•    Increased Complexity
•    Increased Cycle Time
•    Increase of no-value activities

        Types of Controls
Preventive controls
• Segregation of duties
• Required approvals
• Securing assets
• Passwords
• Using document control numbers
• Drug testing
• Job rotation
• Computer backup
Detective controls
• Reconciliations
• Reviews
• Event notifications
• Surprise cash count
• Counting inventory

Corrective controls
• Training
• Process redesign
• Additional technology
• Quality circle teams
• Budget variance reports
        Forensic-Type Organizations
   American College of Forensic Examiners (2750 E. Sunshine,
    Springfield, MO 65804; 800-423-9737; DABFA
    and Cr.FA; 2000)
   Certified Fraud Examiners (Association of CFEs, The Gregor
    Bldg., 716 West Avenue Austin, TX 78701; 800-245-3321;
   Certified Insolvency and Reorganization Accountant (CIRAs).
    Accountants, lawyers, consultants included in insolvency and
    bankruptcy matters. 3-part exam. 4,000 hours. 541.858.1665.
    AIRA, 221Stewart Avenue, Suite 207, Medford, Or. 97501.
   Forensic CPA Society (FCPA); formed in July 2005, Spokane,
   Certified Forensic Financial Analyst (NACVA, Salt Lake City,
    Utah 84106; 801-486-0600). Also, Certified Fraud Deterrence
    (CFD) analyst. [CFFA and CFD have merged.]
   National Litigation Support Services Association (NLSSA, III
    East Wacker Drive, Suite 990, Chicago, IL 60601; 800-869-
    0491). Not-for-profit. About 20 firms. $1,825.
   Canadian Institute of Chartered Accountants (CICA) – CA.IFA –
    Alliance for Excellence in Investigative Accounting.
   Certified Forensic Investigator (CFI) – Canada Early 1980’s.
   Certified Fraud Specialist (CFS), not-for-profit, educational anti-
    fraud corporation located in Sacramento, Calif., for those
    dealing in white-collar crime, fraud, and abuse issues.
    Association of Certified Fraud Specialists.

  Some accountants believe that ethics is a place in

                     Essex, U.K.
A statement made by Mark Twain
  about New England weather applies
  to fraud and corruption:
“It’s hard to predict, but everyone
  agrees there’s plenty of it.”
As Sherlock Holmes said, “the game
  is afoot.”
Read My Lips; It’s The Fraud, Stupid.

      Termites, Rust, and Fraud

• Just as termites never sleep, fraud never
• Just like termites, fraud can destroy the
foundation of an entity.
Like rust, fraud never sleeps.

"It is simply impossible to eliminate economic crime. It's
like fighting the mythical Hydra, cutting off one form of
fraud merely allows another to grow. Controls alone are
not enough. The answer lies in establishing a culture that
supports control efforts and whistle-blowing with clear
ethical guidelines. Companies need to build loyalty to the
organization which gives employees the confidence to do
the right thing, and identify clear sanctions for those who
commit fraud, regardless of their position in the
                             Steven Skalak
White-Collar Crime: Rich
      People Steal
• Edwin Sutherland coined the term
  “white-collar crime.” [Indiana
  University sociology professor.]
• Sutherland believed that white-
  collar crime is a learned behavior,
  a consequence of corporate culture
  where regulations are regarded as
  harassment, and profit is the
  measure of the man.
• “White-collar crime violates trust
  and thus creates distrust, and this
  lowers social morale and produces
  social disorganization on a large

Cynthia Crossen, “A Thirties Revelation: Rich People
  Who Steal are Criminals, Too,” Wall Street Journal,
  October 15, 2003, p. B-1.                             59
   FBI Crime Classification Manual

1. Personal Cause Homicide.

2. Sexual Homicide.

3. Group Cause Homicide.

4. Criminal Enterprise Homicide

   •   Contract killing.
   •   Gang-motivated.
   •   Criminal competition.
   •   Kidnap murder.
   •   Product tampering.
   •   Drug murder.
   •   Insurance/ inheritance.
   •   Felony-murder.
   •   Commercial profit.

                   Red-Collar Crime

• A person who physically harms
  someone that may have, or is on the
  verge of detecting their fraudulent
• Fraud-detection homicide.
• Myth: White-collar criminals not violent
• Forensic accountants may be used in
  a homicide investigation when fraud
  detection may be the motive for the
• Fraud-detection motive may be
  important when a prosecutor has
  weak direct evidence.

Source: F.S. Perri and T.G. Lichtenwald, “A Proposed Addition to the FBI
  Criminal Classification Manual: Fraud-Detection Homicide,” The
  Forensic Examiner, Winter 2007, pp. 18-30.
     Michael Comer’s Types of Fraud

1. Corruptions (e.g., kickbacks).
2. Conflicts of interest (e.g., drug/alcohol
   abuse, part-time work).
3. Theft of assets.

4. False reporting or falsifying
   performance (e.g., false accounts,
   manipulating financial results).
5. Technological abuse (e.g., computer
   related fraud, unauthorized Internet
Comer’s Rule: Fraud can happen to
   anyone at anytime.

Source: M.J. Comer, Investigating Corporate Fraud,
   Burlington, Vt.: Gower Publishing Co., 2003, pp. 4-5.

       How Corruption Occurs

     Category                          %
     Conflicts of                  61.6%
     Bribery                       42.7%
     Illegal Gratuities            29.8%
     Extortion                     16.9%

Source: 2006 Wells Report, ACFE.

Given the right pressures, opportunities, and
rationalizations, many employees are capable of
committing fraud.

Bev Harris says that fraudsters and embezzlers are
the nicest people in the world:
      Wide-eyed mothers of preschoolers. Your
      best friend. CPAs with impeccable resumes.
      People who profess deep religious
      commitments. Your partner. Loyal business
      managers who arrive early, stay late, and
      never take a vacation. And sometimes, even
      FAMILY MEMBERS. So if you’re looking for a
      sinister waxed mustache and shifty eyes,
      you’re in for a surprise – scoundrels come in
      every description.

Source: “How to Unbezzle A Fortune,”, p. 1.

Starwoods Hotels Poll of Executives

Starwoods Hotels interviewed 401
top executives who golf. The
results are surprising.
Consider themselves to be honest in             99%
Played with someone who cheats at               87%
Cheated themselves at golf                      82%
Hated others who cheated at golf                82%
Believe that business and golf behaviors        72%
are parallel

Source: Del Jones, “Many CEOs Bend The Rules (of Golf),”
USA Today, June 26, 2002, p. A-1.

    The Cost of Fraud

   Organizations lose 5 percent of
    annual revenue to fraud and
   Fraud and abuse costs U.S.
    organizations more than $652
    billion annually (about $4,500
    per employee).
   The average organization loses
    more than $12 a day per
    employee due to fraud and
     Source: 2006 Wells Report
         The Trillion Dollar Gorilla
                                                 (in Billions)
U.S. Business1                                       $256.32
Federal Government2                                    239.75
State Government3                                      354.21
Tax-exempts4                                           134.5
Local Government5                                           68.4
Annual Fraud (trillion)                             $ 1.053

1. 2002 Statistics of Income, $1,281.6 trillion time 20%.
2. $2.3975 trillion budget times 10%
3. $3,542.1 million times 10%
4. $897 billion in revenue times 15%.
5. $684.6 billion times 10%.

             Fraud Multiplier
Employee Fraud = $ for $ reduction in net
Suppose $100,000 bottom line reduction.
Suppose 20% profit margin
How much new revenue needed to offset
the lost income?
$100,000 = $500,000
So ACFE says $652 billion lost per year (2006).
$652 billion = $3.26 trillion needed
     20%                   revenue
 The FBI estimates that white collar crime
 is $300 billion each year in the U.S.

    The Cost of Fraud (cont.)
   Over 90% of occupational frauds
    involve asset misappropriations.
   Average length of a fraud scheme
    is 15 to 24 months.
   Most common way of detecting
    occupational fraud is by tips from
    employees, customers, vendors, or
    anonymous sources.
   Second way, by accident.
   Third most common detection:
    internal audit (2nd in 2004).
   The most targeted asset is cash.

            Source: 2006 Wells Report

     Ernst & Young 2002 Survey
• More than 20 percent of the respondents were
aware of fraud in their workplace.
• Nearly 80 percent would be willing to turn in a
colleague thought to be committing a fraudulent
• Employers lose a staggering 20 percent of every
dollar earned to some type of workplace fraud.
• More frequently committed frauds are theft of
office items, claiming extra hours worked, inflating
expense accounts, and taking kickbacks from
• Women are more likely than men to report
fraudulent activities.
• Older employees were more likely to report
fraudulent activities than younger employees.
Ernst & Young. “American Works: Employers Lose 20 Percent
of Every Dollar to Work Place Fraud.” (2002) Available at
05-02DC                                                   70
Advantage of Compliance Spending

      General Counsel Roundtable
says that each $1 of compliance
spending saves organizations, on
the average, $5.21 in heightened
avoidance of legal liabilities, harm
to the organization’s reputation,
and lost productivity.

Source: Jonny Frank, “Fraud Risk Assessments,” Internal
Auditor, April 2004, p. 47.

              Comparison of Selected Fraud Surveys

                                           KPMG                      PwC                       ACFE

Type                                   Questionnaire              Interview               Questionnaire
Time Period                             2005-2006                   2005                       2006
Number of participants                 4,056 (6,797)                3,634                 1,134 (11,112)
Response                                   59.7%                  Unknown                     10.2%
Estimated fraud in U.S.                  Not given         $1.7 million per company   $652 billion (revenue)
% of companies experiencing            74% reporting          45% tangible fraud          Unclear (100%)
       fraud                               misconduct
Highest fraud industry                  Public sector         Retail/ Consumers         Banking/ Financial
Second highest fraud industry       Global Manufacturers      Financial Services           Government
Top – Fraud detection – Tips             Not given                   28%                      34.2%
Fraud detection – Internal audits        Not given                   26%                      20.2%
Fraud detection – by accident            Not given                   6%                       25.4%
Some recover of fraud                    Not given                   47%                      57.9%
Gender of perps - male                   Not given                   87%                       61%
Likely age                               Not given               31-40 (38%)              41-50 (34.6%)
Fraud by senior mgt.                     Not given                   24%                      20.9%
Fraud by Accounting dept.                Not given                Not given                   30.3%
Fraud with undergraduate                 Not given                   52%                      45.6%
Best control measure                                           External audits        Hotlines/ surprise audit
Second best control measure                                     Internal audits            Internal audit

               PWC 2007 Survey
   Fraud's pervasiveness
      Over 43 percent of the companies interviewed
       reported suffering one or more significant economic
      The average loss from fraud per company
       increased nearly 40 percent in two years from
       roughly US$1.7 million in 2005 to approximately
       US$2.4 million in 2007.
      Over 80 percent of our respondents who suffered fraud
       also stated that this had caused damage — or
       significant damage — to their business.
      No industry is immune from the threat posed by
       economic crime although different sectors are
       impacted by different types of fraud.
   Management's impact
      The level of collateral damage is directly proportional
       to the seniority of the perpetrator. In 29 percent of the
       occasions where senior managers were involved, the
       collateral damage to the brand was very significant.
   Controls and culture
      Internal controls are not enough. An ethical corporate
       culture plays an equally important role in deterring
      Companies with both ethical guidelines and
       compliance programs report suffering fewer economic

       PWC 2007 Survey (cont.)
   Emerging markets
      Over 43 percent of the companies
       interviewed reported suffering one or more
       significant economic crimes in the past two
      Companies in which parent and
       subsidiaries employed different accounting
       systems where more susceptible to fraud
       (61 percent of cases) than those operating
       a unilateral system (52 percent).
      E7 'experts' perceive significant risk
       associated with levels of corruption, staff
       integrity and legal environment in the
       emerging markets.
      Actual levels of reported fraud in the E7
       countries are consistently high in the area
       of asset misappropriation.
      44 percent of IP infringement cases
       (worldwide) that involved a perpetrator
       overseas involved a perpetrator from

Source: PWC Global Economic Crime Survey
         Scienter Necessary

   To prove any type of fraud,
    prosecutors must show that scienter
    was present.
 That is, the fraudster must have
    known that his or her actions were
    intended to deceive.
The allure of numbers to most of us, is
    like the excitement of settling sand--a
    narcoleptic surety. Crafty criminals
    prey on this boredom. They pile on
    the numbers, spewing meaningless
    records in the false books.

                         Cory Johnson

Legally, Black’s Law Dictionary defines fraud as:
All multifarious means which human ingenuity can
      devise, and which are resorted to by one individual
      to get an advantage over another by false
      suggestions or suppression of the truth, and
      includes all surprise, trick, cunning or dissembling,
      and any unfair way by which another is cheated.
The four legal elements to fraud are
 A false representation or willful omission regarding
      a material fact.
 The fraudster knew the representation was false.
 The target relied on this misappropriation.
 The victim suffered damages or incurred a loss.
Institute of Internal Auditors definition:
Any illegal acts characterized by deceit,
   concealment, or violation of trust. These acts
   are not dependent upon the applications to
   obtain money, property, or services; to avoid
   payment or loss of services; or to secure
   personal or business advantage.

 How Fraud Occurs

Source: KPMG Fraud Study

Types of Fraud

Source: KPMG Fraud Study

Certain Fraud is Increasing

   Source: KPMG Fraud Study

  Occupational Fraud By Industry

                                               Loss ($)
     Banking/ Financial Services    14.3%     258,000
     Government/ Public             11.5%      82,000
     Manufacturing                  9.7%      413,000
     HealthCare                     8.6%      160,000
     Insurance                      7.5%      100,000
     Retail                         7.2%       80,000
     Education                      7.0%      100,000
     Service (General)              5.8%      163,000
     Service (Professional, etc.)   5.6%      300,000
     Construction                   3.4%      500,000
     Utilities                      3.3%      124,000
     Oil/ Gas                       3.1%      154,000
     Real Estate                    2.9%      200,000
     Wholesale trade                2.9%     1,000,000
     Mining                         .01%    17,000,000

Source: 2006 Wells Report, ACFE.
One Piece at a Time

   Johnny Cash
           One Piece At A Time
Well, I left Kentucky back in '49
   An' went to Detroit workin' on a 'sembly line
   The first year they had me puttin' wheels on cadillacs
Every day I'd watch them beauties roll by
   And sometimes I'd hang my head and cry
   'Cause I always wanted me one that was long and

   One day I devised myself a plan
   That should be the envy of most any man
   I'd sneak it out of there in a lunchbox in my hand
   Now gettin' caught meant gettin' fired
   But I figured I'd have it all by the time I retired
   I'd have me a car worth at least a hundred grand.
   I'd get it one piece at a time
   And it wouldn't cost me a dime
   You'll know it's me when I come through your town
   I'm gonna ride around in style
   I'm gonna drive everybody wild
   'Cause I'll have the only one there is a round.

   So the very next day when I punched in
   With my big lunchbox and with help from my friends
   I left that day with a lunch box full of gears
   Now, I never considered myself a thief
   GM wouldn't miss just one little piece
   Especially if I strung it out over several years.
             One Piece At A Time
The first day I got me a fuel pump
   And the next day I got me an engine and a trunk
   Then I got me a transmission and all of the chrome
   The little things I could get in my big lunchbox
   Like nuts, an' bolts, and all four shocks
   But the big stuff we snuck out in my buddy's mobile home.

   Now, up to now my plan went all right
   'Til we tried to put it all together one night
   And that's when we noticed that something was definitely
The transmission was a '53
   And the motor turned out to be a '73
   And when we tried to put in the bolts all the holes were gone.
So we drilled it out so that it would fit
   And with a little bit of help with an A-daptor kit
   We had that engine runnin' just like a song
   Now the headlight' was another sight
   We had two on the left and one on the right
   But when we pulled out the switch all three of 'em come on.

    The back end looked kinda funny too
    But we put it together and when we got thru
    Well, that's when we noticed that we only had one tail-fin
    About that time my wife walked out
    And I could see in her eyes that she had her doubts
    But she opened the door and said "Honey, take me for a

              One Piece At A Time

So we drove up town just to get the tags
   And I headed her right on down main drag
   I could hear everybody laughin' for blocks around
   But up there at the court house they didn't laugh
   'Cause to type it up it took the whole staff
   And when they got through the title weighed sixty pounds
   I got it one piece at a time
   And it didn't cost me a dime
   You'll know it's me when I come through your town
   I'm gonna ride around in style
   I'm gonna drive everybody wild
   'Cause I'll have the only one there is around.
(Spoken) Ugh! Yow, RED RYDER
   This is the COTTON MOUTH
Huh, This is the COTTON MOUTH
   And negatory on the cost of this mow-chine there RED
   You might say I went right up to the factory
   And picked it up, it's cheaper that way
   Ugh!, what model is it?

   Well, It's a '49, '50, '51, '52, '53, '54, '55, '56
   '57, '58' 59' automobile
   It's a '60, '61, '62, '63, '64, '65, '66, '67
   '68, '69, '70 automobile.

              Missing Fraud
Auditors will continue to miss fraud
because much of their work is predicted on
the assumption that separation of duties
prevents fraud (i.e., one person hold the
money and another person keeps track of
it). The Equity Funding case shakes the
foundations of auditing in that so much is
based on the assumption that people
don’t collude very long. These people
work together as an efficient team for a
very long time [9 years].
                                    Lee Seidler
“When the sun goes down, then the
sneaks will play at night.”
From Porter Wagoner “Sneaks Crawl at Night.”     85
             The Perpetrators

    First-time offenders.
    Losses from fraud caused by
     managers and executives were 3.5
     times greater than those caused by
     non-managerial employees.
    Losses caused by men were 3 times
     those caused by women. [53%
     males; 47% females]
    Losses caused by perpetrators 60
     and older were 27 times those
     caused by perpetrators 25 or
    Losses caused by perpetrators with
     post-graduate degrees were more
     than 3.5 times greater than those
     caused by high school graduates.

Source: 2002 ACFE Report

FBI Part 2 Offenses — Female

 Embezzlement         41%
 Fraud                39%
 Forgery              36%
 Larceny – theft      33%
 Serial Killer (62)   20%

    White-collar criminals have these

   Likely to be married.
   Member of a church.
   Educated beyond high school.
   No arrest record.
   Age range from teens to over
   Socially conforming.
   Employment tenure from 1 to
    20 years.
   Acts alone 70% of the time.

Source: Jack Robertson, Fraud Examination for
    Managers and Auditors (1997).

     Other Characteristics of Occupational

   Egotistical                Inquisitive
   Risk taker
                               Rule breaker
   Hard Worker
   Greedy
                               Under stress
   Disgruntled or a           Financial need
                               Big spender
   Overwhelming
    desire for personal        Close
                                relationship with
   Pressured to                vendors /

Source: Lisa Eversole, “Profile of a Fraudster,” Some Fraud

 To be a forensic auditor, you have
 to have a knowledge of fraud,
 what fraud looks like, how it works,
 and how and why people steal.
              - Robert J. Lindquist

"Finding fraud is like using a metal
detector at a city dump to find rare
coins. You're going to have a lot of
false hits."
            - D. Larry Crumbley

“Fraud can be best prevented by good
people asking the right questions at
the right time.”
            - Michael J. Comer
“Finding fraud is like trying to load frogs
on to a wheelbarrow.”
        Larry Crumbley

   It’s easy to fall in love;
   It’s easy to commit fraud;
   It’s hard to catch the fraud.

         Fraud Catching

Finding fraud is like trying to herd
cats and chickens.
There is a chicken catching
machine (150 chickens per
minute),* but there is no perfect
fraud catching machine.
              D. Larry Crumbley

* PH2000 mechanical chicken harvester.
Scott Kilman, “Poultry in Motion: Chicken
Catching Goes High Tech,” Wall Street
Journal, June 4, 2003, p. A-1. Human can
catch about 1,000 an hour. $200,000 cost.

         How Fraud Is Detected

                                    2006        2004
1.   Tips                          34.2%       39.6%
2.   By accident                   25.4%       21.3%
3.   Internal audit                20.2%       23.8%
4.   Internal controls             19.2%       18.4%
5.   External audits               12.0%       10.9%
6.   Notification by police          3.8%        0.9%
 Source: 2006/ 2004 Wells Reports, ACFE.

A British publication suggests that prosecutors think
that accountants have x-ray vision. “It is assumed
that if an accountant stares really hard at a set of
accounts, then somehow, magically, information will
appear before his/ her eyes that are invisible to lesser

NIFA News, Number 10, p.1.                                 93
          Sources of Tips

   1.   Employees                  64.1%
   2.   Anonymous                  18.1%
   3.   Customers                  10.7%
   4.   Vendors                     7.1%

Source: 2006 Wells Report, ACFE.

           Tips Are Important

    Some of the biggest recent accounting
scandals (e.g., HealthSouth, Xerox, Waste
Management) involve situations where the
auditors were tipped off or otherwise
alerted to possible frauds but they failed to
investigate them deeply enough.
    In her book Power Failure, Sherron
Watkins says she talked to Jim Hecker, at
Arthur Andersen, on the phone about the
dangers of the Raptors and Fastow’s
inherent conflict. Hecker wrote a memo to
the files and forwarded copies to David
Duncan and Enron’s audit partner, Debra
Cash. His note: “Here is my draft memo, for
your review, for ‘smoking guns’ that you can
not extinguish.” p. 285.

   Finding Fraud In The Midst of a Conspiracy

When speaking about the fraud of HealthSouth, a
  spokesman for Ernst & Young emphasized the
  difficulty of detecting accounting fraud in the
  midst of a conspiracy of senior executives and
  false documentation.
An accountant testified that HealthSouth employees
  would move expenses of $500 to $4,999 from
  the income statement to the balance sheet
  throughout the year. Overall the SEC said about
  $1 billion in fixed assets were falsely entered. The
  employees moved only those expenses less than
  $5,000, because Ernst & Young automatically
  looked at those expenses over $5,000.
An ex-bookkeeper even sent Ernst & Young an e-
  mail flagging one area of the fraud, but E & Y still
  did not catch it. Employees actually produced
  false invoices when the accounting firm asked for

Source: Charles Mollenkamp, “Accountant Tried in Vain to Expose
  HealthSouth Fraud,” Wall Street Journal, May 20, 2003, pp. A-1
  and A-13.

You should attack fraud problems
the way the fictional Sherlock
Holmes approached murder cases
                        D. Larry Crumbley
To be a good fraud auditor, you
have to be a good detective.
             Source: Robert J. Lindquist
Many lap-dog internal and
external auditors need to be
replaced with junkyard dogs.
                           D. Larry Crumbley

                Difficult Task

    More forensic techniques should
become a part of both external and internal
auditing. But Stephen Seliskar says that “in
terms of the sheer labor, the magnitude of
effort, time and expense required to do a
single, very focused [forensic] investigation
-- as contrasted to auditing a set of the
financial statements -- the difference is
incredible.” It is physically impossible to
conduct a generic fraud investigation of an
entire business.

    Source: Eric Krell, “Will Forensic Accounting Go
Mainstream?” Business Finance Journal, October 2002,
pp. 30-34.

                         Kessler Survey (2001)

 About 13% of employees are
  fundamentally dishonest.
 Employees out-steal shoplifters.

 About 21% of employees are
 But 66% are encouraged to steal if
  they see others doing it without
Source: “Studies Show 13% of employees are fundamentally
      dishonest,” KesslerNews, November 1, 2001,
    30% of people in U.S. are dishonest.
    30% situational dishonest.
    40% are honest all of the time.

Source: R.C. Hollinger, Dishonesty in the Workplace, Park Rider, N.Y.:
   London House Press, 1989, pp. 1-5.                              99
               Little Has Changed: CFO Survey

    Nearly half of CFOs – 47 percent – report
     they still feel pressure from their superiors
     to use aggressive accounting to make
     results look better.
    What is worrisome is that the pressure to
     make the numbers hasn’t abated much. Of
     these who have felt pressure in the past,
     only 38 percent think there is less pressure
     today than there was three years ago, and
     20 percent say there is more.
    Few finance executives have much
     confidence in the numbers their colleagues
     are reporting. Only 27 percent say that if
     they were investing their own money, they
     would feel “very confident” about the
     quality and completeness of information
     available about public companies.
Source: Don Durfee, “It’s Better (and Worse) Than You Think,” CFO Magazine, May 3, 2004.

    Some Infamous Financial Statement Frauds
   Tyco
     •   Large interest-free loans to officers; then forgiven ($87.1 million).
     •   Unauthorized bonuses (no approval of BOD).
     •   Fake documents showing no loans outstanding.
     •   SEC found that PwC had prior knowledge of fraud back to 1998.
     •   Undisclosed real estate transaction with related parties.
     •   False entries in books to cover-up bribes given to foreign officials.
     •   If numbers did not meet expectations, Richard Scrushy told
         employees to “fix them.”

   Adelphia [Greek for brothers]
     •   Moved debt to subsidiaries which were not consolidated.
     •   Personal loans to the Rigas family (self-dealing).
     •   Falsified operations statistics and inflated earnings.

   Xerox
     •   Accelerated revenues from leasing equipment.
     •   Cookie jar reserves.

   Sunbeam
     •   Cookie-jar restructuring reserves.
     •   Channel stuffing.
     •   Guaranteed sales.
     •   Improper bill and hold.

    Some Infamous Financial Statement Frauds

   Waste Management
     •   Reduced depreciation expense by inflating salvage value and
         extending useful lives.
     •   No write-offs for unsuccessful land projects.
     •   Improperly capitalized a number of expenses.
     •   Made top drawer adjustments.

   HPL Technologies (2001-2002)
     •   Created many fake purchase orders from Canon sales (a
         Japanese distributor). Printed and pasted Canon signatures on
         the documents.
     •   Altered bank records to create millions of dollars in nonexistence
         customer payments.
     •   Borrowed millions from his brokerage account (secured by HPL
         stock) and channeled the funds into the company in the form of

   Baptist Foundation of Arizona
     •   Set up subsidiaries owned by insiders to buy real estate (which
         had crashed in value) from BFA.
     •   BFA then recorded notes receivables in the amount of the book
     •   Ran a ponzi scheme using new investors’ money to pay old
         investors high returns.
     •   Refused to give Arthur Anderson financial statements of the

 D.R. Cressey’s Fraud Pyramid

Don’t think you’re the only ones
Who bend it, break it, stretch it some.
We learn from you.
Girls lie, too
                          Terri Clark

SAS No. 99 Characteristics of

          Incentives / pressures

Attitude /                    Opportunity

        Everyone Has A Price?
President Abraham Lincoln is supposed to have thrown a
man out of his office after being offered a bribe. The bribe
involved a substantial sum, and Lincoln was very angry. His
anger was directed at the man in question, but also at
himself. He is reputed to have said, “Every man has his
price, and he was getting too close to mine.”*

The “price” where a person will act dishonestly (e.g., steal,
cook the books) varies from person to person.

What is your price?

In a scene from the movie, The Family Man, an angel stands
behind the counter of a convenience store and takes a $1 bill
from a young woman who is purchasing a $0.99 beverage.
The angel counts out change for $10 and hands the
overpayment to the woman. The customer stares blankly at
the clerk, takes the money and the beverage, and leaves. The
angel is left to lament the lack of ethical behavior for just
$9. “Character, and for what, $9; that is so

* From a speech by Lynn Turner, former chief accountant of U.S.
Securities and Exchange Commission, given at the 39th Annual
Corporate Counsel Institute, Northwestern University School of Law,
October 12, 2000.

** MCA Home Video 2000.                                           105
             Fraud Pyramid
   Motive
      Excessive spending to keep up appearances of
      Other, outside business financial strains.

      An illicit romantic relationship.

      Alcohol, drug or gambling abuse problems.

   Opportunity
      Lack of internal controls.

      Perception of detection = proactive preventative
   Rationalization (reduces offender’s inhibitions)
      “Borrowing” money temporarily.

      Justifying the theft out of a sense of being
        underpaid. (“I was only taking what was mine.”)
      Depersonalizing the victim of the theft. (I wasn’t
        stealing from my boss; I was stealing from the

               Psychology of Fraud

      Fraud can be explained by three factors:
        •   Supply of motivated offenders.
        •   Availability of suitable targets.
        •   Absence of capable guardians (e.g.,
            internal controls).

      The three B’s -- babes, booze, and bets.

      Some fraudsters wish to make fools of
       their victims. They take delight in the act

      Risk of fraud is a product of both
       personality and environmental (or
       situational) variables.

Grace Duffield and Peter Grabosky, “The Psychology of Fraud,” Australian
       Institute of Criminology, No. 19.

The Fraud Diamond

                   Incentive/ Pressures

 Capacity                                      Opportunity

                 Rationalization/ Integrity

  Capacity: Necessary traits; abilities; can pull it
  off; positional authority

  D.T. Wolfe and D.R. Hermanson, “The Fraud Diamond:
  Considering The Four Elements of Fraud,” The CPA J.,
  December, 2004, pp. 38-42.                             108
        Example of Greed (or Incentive)

  Three Duke Energy employees were
charged in April 2004 for allegedly ginning up
“phony electricity and material-gas trades to
boost trading volumes” and inflating “profits
in a trading book that was the basis of their
annual profits.”
 “The trading schemes are alleged to have
inflated their bonuses by at least $7 million”
between March 2001 and May 2002. There
were 400 rigged trades that produced a $50
million profit in the trade books.
 Duke used mark-to-market accounting to
record profit and loss contracts that might not
be settled for years.
 So called “round-trips trades (or wash
sales) were used to jack up reported trading
Source: Rebecca Smith, “Former Employees of Duke Charged Over Wash
Trades,” WSJ, April 22, 2004, p. A-15.

KPMG’s Causes or Indicators of Fraud

   Personal financial pressure.
   Substance abuse.
   Gambling.
   Real or imagined grievances.
   Ongoing transactions with related
   Increased stress.
   Internal pressures to meet
   Short vacations.
   Unusual hours.

Source: KPMG’s 1998 Fraud Survey

   Sherron Watkins provides an
excellent comment about
rationalization with respect to
Enron’s Jeff Skilling and Andy
   At what point did they turn
crooked? “But there is not a
defining point where they became
corrupt. It was one small step after
another, with more and more
rationalizations. There was a slow
erosion of values over time.”

    Source: Pamela Colloff, “The Whistle-
Blower,” Texas Monthly, April 2003, p. 141.

      Fraud’s Fatal Failings

   85% of fraud victims never get
    their money or property back.
   Most investigations flounder,
    leaving the victims to defend
    for themselves against
    counter-attacks by hostile
   30% of companies that fail do
    so because of fraud.

Source: Michael J. Comer, Investigating
    Corporate Fraud, Burlington, VT: Gower
    Publishing, 2003, p. 9.

    Sarbanes-Oxley Act (7-30-2002)
   Most significant change since 1934
    Securities Exchange Act
   New five-member Public Company
    Accounting Oversight Board (PCAOB)
   Authority to set and enforce auditing,
    attestation, quality control and ethics
    (including independencies) standards for
    auditors of public companies.
   Empowered to inspect the auditing
    operations of public accounting firms that
    audit public companies as well as impose
    disciplinary and remedial sanctions for
    violations of the board’s rules, securities
    laws and professional auditing and
    accounting standards.
   Rotation of lead and concurring audit
    partners every five years (5 year time-out

    Sarbanes-Oxley Act (7-30-2002)
   Eight types of services outlawed:
     + Bookkeeping.
     + Information systems design and
     + Appraisals or valuation services, fairness
        opinions, or contribution-in-kind-reports.
     + Actuarial services
     + Internal audit outsourcing
     + Management and human resources
     + Broker/dealer, investment adviser, and
        investment banking services
     + Legal or expert services related to audit
   Applies to foreign accounting firms filing
    with SEC after July 15, 2006.
, to get free
    subscription to PCAOB Update.
      Sarbanes-Oxley Act of 2002
   If you are going to be an auditor, you have to be an
    auditor, not an auditor and a consultant [Senator Jack
   In order to be independent, an accounting firm should
       Audit ones own work.

       Function as part of management or an employee.

       Act as an advocate.

   No limitations are placed upon accounting firms in
    providing non-audit services to public companies they
    do not audit or any private companies.
   Audit services and non-audit services (e.g., tax) must be
    pre-approved by the audit committee, if not prohibited
    by the Act (before the service commences).
   Auditor must report to the audit committee on a timely
   Cooling off period of one year before a member of the
    audit engagement team can begin working for the
    registrant in certain positions.
   There is no requirement to rotate the auditors.
   There is discussion of requiring a forensic audit
    irregularly. Harvey Pitt suggested this proposal.

SOX’s Effects on Smaller Firms
1.    Smaller firms have incurred higher SOX-
      related costs.
         Larger increase in audit fees – ineffective internal
         Complex standards affect smaller firms because
          they lack in-house staff.
         Larger firms stopped working with smaller firms.
         Larger non-audit fees.
2.    Directors fees much higher.
3.    Potential benefits for smaller firms are
      higher for small firms.
4.    Overall, SOX imposes a net loss on all firms.
5.    CEOs and CFOs spent as much as 90% of
      their time on compliance, forcing them to
      defer investments.
6.    SOX reduced the value of small firms—no
      effect or positive for large firms.

Source: E. Kamar, P.K. Mandic, and E. Talley, “SOX’s Effects on
     Small Firms: What Is the Evidence?” June 2007.

    Parallel Universe: Two Opinions
        External auditors must do a regular
   audit of a company (e.g., financial
   statements are fairly stated) and must also
   audit the internal controls that are to
   ensure that the financial statements are
   accurate (e.g., issue two opinions).
        Prior to the external auditors’ arrival,
   the company itself must review its internal
   controls and issue a report on the
   effectiveness of these controls.
        There will be two external opinions: on
   management’s assessment of the internal
   controls over financial reporting and
   another one on the effectiveness of the
   internal controls themselves (e.g.,
   statements are fairly stated).
PCAOB Release 2004-001.

            Anti-Fraud Strategy

     The company’s stance on fraud
      and other breaches of the ethical
     What will be done and by whom in
      the case that frauds or other
      breaches are suspected.
     The key initiatives which the
      company proposes;
     Who will lead these initiatives.
     Clear deadlines and measures for
      monitoring effectiveness of

Source: David Davies, Fraud Watch, 2nd Edition., London, ABG
      Professional Information, 2000, p. 77.

               Anti-Fraud Program

                 An auditor must perform
      “company-wide anti-fraud programs
      and controls and work related to other
      controls that have a pervasive effect on
      the company, such as general controls
      over the company’s electronic data
                 Further, the auditor must
      “obtain directly the ‘principal evidence’
      about the effectiveness of internal
                 PCAOB endorses the COSO
      Cube [pp. 24-26 and A-25 and A-26]

Source: PCAOB Release 2004-001.

Frameworks Being Used by CFOs

• Auditing Standard No. 2
• COBIT (Control/ Objectives
  for Inf./ Related Technology)
• SAS 55/78 (AICPA)
• Others                          2%

(5 components of internal controls)

            The COSO Model
1.   Control environment – management’s
     attitude toward controls, or the “tone at the
2.   Risk assessment – management’s
     assessment of the factors that could prevent
     the organization from meeting its objectives.
3.   Control activities – specific policies and
     procedures that provide a reasonable
     assurance that the organization will meet its
     objectives. The control activities should
     address the risks identified by management
     in its risk assessment.
4.   Information and communication – system
     that allows management to evaluate
     progress toward meeting the organization’s
5.   Monitoring – continuous monitoring of the
     internal control process with appropriate
     modification made as deemed necessary.

COSO New Cube: Enterprise Risk Management

Source: See Apostolou and Crumbley, “ Sarbanes-Oxley
Fall-out Leads to Auditing Standards No. 2: Importance of Internal
Controls,” The Value Examiner, November/December 2004, pp. 55-60.
    Management Control Philosophy

   Fraudulent Financial Reporting more likely
    to occur if
   Firm has a poor management control philosophy.
   Weak control structures.
   Strong motive for engaging in financial statement

   Poor management philosophy:
   Large numbers of related party transactions.
   Continuing presence of the firm’s founder.
   Absence of a long-term institutional investor.

Source: Paul Dunn “Aspect of Management Control Philosophy that
   contributes to fraudulent Financial Reporting,” Journal of Forensic
   Accounting, Vol. IV (2003), pp. 35-60

     Segregation of Accounting Duties
          Effective segregation of accounting
           duties is achieved when the following
           functions are separated:
               Authorization—approving transactions and
               Recording—Preparing source documents;
                maintaining journals, ledgers, or other files;
                preparing reconciliations; and preparing
                performance reports.
               Custody—Handling cash, maintaining an
                inventory storeroom, receiving incoming
                customer checks, writing checks on the
                organization’s bank account.
          If any two of the preceding functions
           are the responsibility of one person,
           then problems can arise.

Source: Accounting Information Systems, 10e
Romney/Steinbart, PH                                             125
                   CONTROL ACTIVITIES
            CUSTODIAL                              RECORDING
              FUNCTIONS                              FUNCTIONS
    •     Handling cash                      •   Preparing source
    •     Handling                               documents
          inventories, tools, or             •   Maintaining journals,
          fixed assets                           ledgers, or other files
    •     Writing checks                     •   Preparing
    •     Receiving checks in                    reconciliations
          mail                               •   Preparing
                                                 performance reports
•       EXAMPLE OF
        PROBLEM: A person
        who has custody of
        cash receipts and the
        recording for those
        receipts can steal some
        of the cash and falsify
        accounts to conceal the
•       SOLUTION: The pink
        fence (segregation of       AUTHORIZATION
        custody and recording)          FUNCTIONS
        prevents employees         • Authorization of
        from falsifying records      transactions
        to conceal theft of
        assets entrusted to
                                   Source: Accounting Information
                                   Systems, 10e Romney/Steinbart, PH
        CUSTODIAL                                RECORDING
          FUNCTIONS                                FUNCTIONS
  •   Handling cash                   •       Preparing source
  •   Handling
      inventories, tools, or          •       Maintaining journals,
      fixed assets                            ledgers, or other files
  •   Writing checks                  •       Preparing
  •   Receiving checks in
      mail                            •       Preparing performance

                                          •    EXAMPLE OF
                                               PROBLEM: A person
                                               who has custody of
                                               checks for transactions
                                               that he has authorized
                                               can authorize fictitious
                                               transactions and then
                                               steal the payments.
                                          •    SOLUTION: The green
                                               fence (segregation of
                                               custody and
            AUTHORIZATION                      authorization) prevents
                FUNCTIONS                      employees from
           • Authorization of                  authorizing fictitious or
                                               inaccurate transactions
              transactions                     as a means of concealing
                                               a theft.

Source: Accounting Information Systems, 10e Romney/ Steinbart,
PH                                                                    127
    • Handling cash                      • Preparing source
    • Handling inventories,
      tools, or fixed assets             • Maintaining journals,
                                           ledgers, or other files
    • Writing checks
                                         • Preparing reconciliations
    • Receiving checks in mail
                                         • Preparing performance

      PROBLEM: A person who
      can authorize a transaction
      and keep records related to
      the transactions can
      authorize and record
      fictitious payments that
      might, for example, be sent
      to the employee’s home
      address or the address of a
      shell company he creates.
•     SOLUTION: The purple
      fence (segregation of
      recording and
      authorization) prevents
      employees from falsifying      AUTHORIZATION
      records to cover up                FUNCTIONS
      inaccurate or false
      transactions that were        • Authorization of
      inappropriately authorized.      transactions
Source: Accounting Information Systems, 10e Romney/Steinbart, PH   128
    Risk Assessment Benefits

        A major step in a forensic audit is to
conduct a risk assessment, which entails a
comprehensive review and analysis of program
operations in order to determine where risks
exists and what those risks are.
        Any operation developed during the risk
assessment process provides the foundation
or basis upon which management can
determine the nature and type of corrective
actions needed.
        A risk assessment helps an auditor to
target high-risk areas where the greatest
vulnerabilities exist and develop
recommendations to strength internal controls

Source: B.l. Derby, “Data Mining for Improper Payments,”
Journal of Government Management, Winter 2003,
Vol.52, No. 4, pp. 10-13.
     Fraud Risk Assessment

Ernst & Young report found that
organizations that had not
performed fraud vulnerability
reviews were almost two-thirds
more likely to have suffered a
fraud within the past 12 months.
J.W. Koletar, p. 167.

A company should have a fraud
risk assessment performed of
their controls, procedures,
systems, and operations. J.W.
Koletar, p. 166.

Sources: J.W. Koletar, Fraud Exposed, John Wiley &
Sons, 2003

    Swimming Lanes
              Mary Ben   Jane Sam

Controls       X               X

Entries in     X    X     X

Deposits            X          X

Does           X          X

Controls            X     X    X

Sophisticated Approaches

1.   The Quad Method
2.   The Staggered Box Method
3.   The Chessboard Method

     COSO Guidance

Risk Assessment Matrix

See COSO, “Guidance for Smaller
  Public Companies,”

     PCAOB’s AS2 Report:
1.   Failure to coordinate or integrate the
     AS2 audit of internal controls with the
     financial audit.
2.   Doing detail testing before the top
     down audit looking for the high risk
     areas (e.g., fishing).
3.   Inadequate consideration of the
     unique risk factors of the company
     (e.g., avoid the checklist mentality).
     Do not audit the low risk areas.
4.   Inefficient walkthroughs of
     transaction controls.
5.   Too little reliance on others.
6.   Insufficient evaluation of
     compensating controls when there is
     a discovery of control deficiencies.
7.   Inadequate testing of controls over
     financial statement presentation and

     GAP Analysis
Actual Internal Controls

Organization’s Stated Internal

Best Practice Internal Controls

     SAS No. 99 Types of Fraud

    Unlike errors, fraud is intentional and
    most often involves deliberate
    concealment of facts by management,
    employees, or third parties

   Fraudulent Financial Reporting: does
    not follow GAAP (e.g., recording
    fictitious sales)

   Misappropriation of Assets:
    embezzling receipts, stealing assets,
    or causing an entity to pay for goods
    or services that have not been

    Often accomplished by false or
    misleading records or documents,
    possibly created by circumventing
    internal controls.
Fraudulent financial reporting may
       occur by the following:
 Manipulation, falsification, or
    alteration of accounting
    records, or supporting
    documents from which
    financial statements are
 Misrepresentation in or
    intentional omission from the
    financial statements of events,
    transactions, or other
    significant information.
 Intentional misapplication of
    accounting principles relating
    to amounts, classification,
    manner of presentation, or
Source: SAS No. 99, “Consideration of Fraud in a
     Financial Statement Audit,” New York: AICPA
SAS No. 99 Ways to Overcome the Risk of
   Management Override of Controls

    Examining journal entries
     and other adjustments.
    Reviewing accounting
     estimates for bias,
     including a retrospective
     review of significant
     management estimates.
    Evaluating the business
     rationale for significant
     unusual transactions.

          Parmalat Deceptions
   Parmalat, an Italian diary company, had a
    nonexistence Bank of America bank
    account worth $4.83 billion. A SEC lawsuit
    asserts that Parmalat “engaged in one of
    the largest and most brazen corporate
    financial frauds in history.”
   Apparently, the auditors Grant Thornton
    relied on a fake Bank of America
    confirmation prepared by the company.
   SAS No. 99 does not prohibit clients from
    preparing confirmations.
   The fraud continued for more than a
    decade. At least $9 billion unaccounted for.
   Therefore, the audited company should not
    be in control of the confirmation process.
   The owner treated the public company as
    if it was his own bank account.
   An unaware phone operator was the fake
    chief executive of more than 25 affiliated
   Some $3.6 billion in bonds claimed to be
    repurchased had not really been bought.
   Enron issued $1.2 billion of stock to
    special purpose entities and recorded a
    $1.2 billion notes receivable (rather than
    a contra account to stockholders equity).
    Both assets and owners equity were
    overstated by $1.2 billion.
   HealthSouth allegedly overstated profits
    by at least $14 billion by billing Medicare
    for physical – therapy services the
    company never performed. The company
    submitted falsified documents to
    Medicare to verify the claims over 10
   E&Y collected $2.6 million from
    HealthSouth (as audit-related fees) to
    check the cleanliness and physical
    appearances of 1,800 facilities. A 50-
    point checklist was used by dozens of
    junior-level accountants in unannounced
    visits. For 2000, E&Y audit fee, $1.03
    million; other fees, $2.65 million.

  Journal Entries at Year End: Those Magic

Apparently,   Arthur Andersen was given
limited access to the general ledger at
WorldCom, which had a $11 billion fraud
(largest accounting fraud in history). Most of
the original entries for online costs were
properly placed into expense accounts.
However, near the end of the period these
entries were reversed. One such entry was as
Other Long-term Assets $629,000,000
Construction in Progress     $142,000,000
        Operating Line Costs
The support for this entry was a yellow post-
it note.
WorldCom’s outside auditors refused to
respond to some of Cynthia Cooper’s
questions and told her that the firm had
approved of some of the accounting methods
she questioned.
  Those Magic Changes: Yellow Peril

 Fourth Quarter of 1999: "The $239 million
[international line cost accrual release] was
entered in WorldCom's general ledger ... The only
support recorded for the entry was
'$239,000,000,' written on a Post-it Note and
attached to a printout of the entry."
 Third Quarter of 2001: "Myers gave Sethi a Post-
it Note that said 'Assume $742 million.' Later,
Myers and Sethi had a conversation confirming
that $742 million identified on the Post-it Note was
the line cost capitalization entry for the quarter.”


Those Magic Changes

“Oh my heart arranges, oh those magic changes,
 oooh yeah.”

                          Yellow Peril
  First Quarter of 2002: "In Capital Reporting,
Myers told Sethi to go see Vinson, who would
have the amount to be capitalized. When Sethi
did so, Vinson handed him a Post-it Note that had
the $818 million adjustment on it. Brian Higgins
once again refused to make the necessary
allocation for the first-quarter 2002 capitalization
entry. Despite his growing concerns, Sethi made
the allocation because he was concerned that his
immigration status would be jeopardized if he
lost his job."

 First Quarter 2002: "$109.4 million was taken
from the general accrual account that Vinson set
up and reclassified to several SG&A balance
sheet accounts in five large, round-dollar
amounts. The only supporting documentation that
we were able to locate for these entries was a
Post-it Note listing the various SG&A accounts
and the amounts that should be taken from the
Vinson account."

             Cooking-the-Books Often
               Collaborative Effort

•   For restatements between January 1,
    1997 to June 30, 2002, 45% were
    accused of securities fraud and subject
    to shareholder suits.

•   Average of 7 individuals were
    implicated, including
       General counsel
       Internal/external auditors

Source: Robert Tillman and Michael Indergaard, Control Overrides
    in Financial Statement Fraud.
       WorldCom Fraud Massive
   At least 40 people knew about the fraud.
   They were afraid to talk.
   Scott Sullivan handed out $10,000
    checks to 7 involved individuals.
   Altered key documents and denied
    Andersen access to the database where
    most of the sensitive numbers were
   Andersen did not complain about denied
   Company officials decided what tax
    rates they wanted and then used the
    reserves to arrive at the tax rates.

Source: Rebecca Blumenstein and Susan Pullian,
  “WorldCom Fraud Was Widespread,” Wall
  Street J., June 10, 2003, p. 3.

  Differences Between Auditing/Forensic

Auditing               Forensic

1. Recurring           1. Non-recurring
2. Express an          2. Resolve an
   opinion                allegation or
                          deterrence review
3. Follow GAAS         3. Follow consulting
   and SAS 99              standards
4. Materiality         4. Materiality not
   important              important
5. Sampling activity   5. Detailed financial
6. Use professional    6. Establish scienter
7. Audit program       7. No set of rules

         Financial Audit v. Forensic Audit

       The typical financial audit is a
sampling activity that doesn’t look at every
transaction and can therefore be exploited by
someone who knows how to rig the books.
        Forensic accounting focuses on a
specific aspect of the books and examines
every digit. While the average accountant is
trying to make everything add up, a forensic
accountant is performing a detailed financial
analysis to find out why everything doesn’t or
shouldn’t add up.
       It’s a far more time-consuming
enterprise and can be significantly more
expensive than regular auditing work.

Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,
ud.htm                                                      147
                             Pre SAS 99

             Consulting                       Auditing
             Standards                       Standards


                         Post SAS 99
           Consulting                         Auditing
           Standards                         Standards

              Traditional       Forensic
             Investigation     Procedures     SAS 99
                              in the Audit

Source:AICPA, “Forensic Services, Audits, and Corporate
Governance: Bridging the Gap,” Discussion Memorandum,
2004.                                                   148
      Steps Toward Forensic Audit

   Traditional audit [forensic
    techniques & fraud prevention
   If suspect fraud, bring in-house
    forensic talent into the audit.
   If no in-house talent or fraud
    complex, engage an outside
    forensic accountant (e.g., Cr.FA,
    CFFA, or CFD).
   As audit moves toward forensic
    investigation, auditor must
    comply with litigation services
    standards (consulting).

Inexperienced Forensic Auditors

   Find out who did it. Do not worry about
    all the endless details.

   Be creative, think like the fraudster, and
    do not be predictable. Lower the
    auditing threshold without notice.

   Take into consideration that fraud often
    involves conspiracy.

   Internal control lapses often occur
    during vacations, sick outages, days off,
    and rest breaks, especially when
    temporary personnel replace normal

H. R. Davia, Fraud 101, New York: John Wiley & Sons, 2000, pp.

    Types of Forensic Engagements

    Determine if fraud is occurring.
    Support criminal or civil action against
     dishonest individuals.
    Form a basis for terminating a
     dishonest employee.
    Support an insurance claim.
    Support defense of an accused
    Determine whether assets or income
     were hidden by a party to a legal
     proceeding (such as a bankruptcy or
    Identify internal controls to prevent it
     from happening again.
Source: D.R. Carmichael, et. al, Fraud Detection, 5th,
   Fort Worth: Practitioners Publishing, 2002, p. 2 – 4.

      Two Major Types of Fraud
   Reactive: Some reason to
    suspect fraud, or occurs after a
    significant loss.
   Proactive: First, preventive
    approach as a result of normal
    operations (e.g., review of
    internal controls or identify
    areas of fraud exposure). There
    is no reason to suspect fraud.
    Second, to detect indicia of

Source: H.R. Davia, “ Fraud Specific Auditing,” Journal of
   Forensic Accounting, Vol. 111, 2002, pp. 111-120
         Proactive Is Beneficial
   The threat of a future investigation reduces
    the occurrence of fraudulent behavior from
    75% to only 43%.

   The larger the pay-off, the more likely a
    person will commit fraudulent behavior.

   Give the fox a key to the hen house and
    he/ she is going to eat hens.

    Source: S. L. Tate et. al, “The Small Fraud Paradigm: An
    Examination of Situational Factors That Influence the
    Non-Reporting of Payment Errors,” J. of Forensic
    Accounting, Vol.7, 2006, p. 406.


    The greater the risk of detection, the less
    likely a person is to violate the law.

                                       Jeremy Bentham
                                       18th Century Philosopher

Proactive vs. Reactive Approaches

Proactive approaches include
 Effective internal controls,
 Financial and operational
 Intelligence gathering,
 Logging of exceptions, and
 Reviewing variances.

Reactive detection techniques
 Investigating complaints and
 Intuition, and
 Suspicion.

Jack Bologna and Robert Lindquist, Fraud Auditing and Forensic Accounting,
     2d Edition, New York: John Wiley, 1995, p. 137.
           Proactive Is Best
   When the IRS began requiring banks
    to issue Form 1099s reporting interest,
    the reported interest income increased
    by $8 billion (even though for 3 years
    the IRS did not have computer
    matching capacity).
   When the IRS began to require
    taxpayers to list a social security
    number for dependents, the next year
    the number of reported dependents
    dropped by seven million. More than
    11,000 of these taxpayers claimed
    seven or more dependents in 1986, but
    they claimed none in 1987.
   When the IRS began to require
    taxpayers to list a name, address, and
    social security number for babysitters,
    two years later 2.6 million babysitters
Fraud Deterrence Better Than Fraud

 1.   Fraud deterrence less
 2.   Deterrence is more
 3.   Fraud deterrence produces
      greater savings.
 4.   Deterrence is faster.
 5.   Fraud deterrence promotes
      better customer relations.

      Daniel Finnegan, “Deterring Fraud,” Quality Planning
      Corporation, 1991.

       Is Company Proactive?
   Fraud hotline (reduce fraud losses
    by 50% re Wells 2002 Report).
   Suggestion boxes.
   Make everyone take vacations.
   People at top must set ethical
   Widely known code of conduct.
   Check those employee references.
   Reconcile all bank statements.
   Count the cash twice in the same
   Unannounced inventory counts.
   Fraud risk assessment (CFD).

    $7.4 Billion Losses at Societe Generale
•    Jerome Kerviel evaded all of the French bank’s
     controls to bet $73.5 billion on European markets –
     more than the bank’s market value. Six year
     employee; junior employee.
•    Kerviel reported to work early, stayed late, and took
     only 4 days off in 2007. In France six weeks of
     vacation is fashionable.
•    Starting in early 2005, he made small unauthorized
     trades. The bank missed the illicit trades and the red
•    Kerviel described growing increasingly daring after no
     one at the bank detected a series of small,
     unauthorized trades that he placed.
•    He entered fictitious and offsetting trades to minimize
     the odd of big losses.
•    He stole other people’s computer access codes,
     falsified documents, and employed other methods to
     cover his tracks.
•    He had an excellent understanding of the bank’s
     processing and control procedures so he could
     circumvent all of the controls.
•    His motive: quest for glory and a bonus.

            Some Hints

   Need to really understand the
    business unit. What they really do.
   Have a mandatory vacation policy.
   Rotation of assignments.
   Have a written/signed ethics policy.
   Do things differently each time you
    audit a unit.
   Do not tell client what you are
   Hard to find fraud in the books.
    Look/listen. Look for life style
   Do not rely on internal controls to
    deter fraud.
   Auditors must have control of the
    confirmation process.
   Careful of related parties.
   Careful of “trusted” employees.
           Stamp Mates

   Afinsa, a Spanish stamp company,
    controls 72% of Escala, a U.S. company
    (formerly Greg Manning Auctions).
   Escala says all sales to Afinsa takes place
    at independent established prices.
   But Escala’s reported gross margin on
    stamp sales to Afinsa exceeds 44% [like
    land flipping].
   Compared to less than 14% on those to
    other clients.
   Therefore, Escala was manipulating the
    value of stamps sold to Afinsa to
    artificially boost its own bottom line.
   Escala’s stock fell from $32 to $5 in five
    days after the May 8, 2006 arrests of
    seven executives. Police found $12.6
    million behind one dealer’s freshly
    plastered walls in his home (e.g.,
    unreported profits?).
   Escala owns A-Mark Precious Metals,
    which buys and distributed more than
    one-half of the gold coins handed each
    year by the U.S. mint.

     Fraud Deterrence Review
Analysis  of selected records and
 operating statistics.
Identify operating and control
Proactively identify the control structure
 in place to help prevent fraud and
 operate efficiently.
Not an audit; does not express an
 opinion as to financial statements.
May not find all fraud especially where
 two or more people secretively agree to
 purposely deceive with false statements
 or by falsifying documents.
[Always get a comprehensive, signed
 engagement letter defining objectives.]

               Fraud Detection Process

1.    Discuss facts and objectives with client/attorney (e.g.,
      conflict of interests).
2.    Evaluation whether to accept the engagement.
3.    Prepare a work program.
4.    Develop time and fee schedule.
5.    Obtain approval of work program, staff assignments,
      and fee estimates.
6.    Obtain an engagement letter.
7/8. Identify fraud exposures and symptoms.
9/10. Evaluate evidence obtained and determine if more
      evidence is needed.
11/12. Search for and evaluate additional evidence.
13.   Discuss preliminary findings with client/attorney.
14.   Draft a final report.
15.   Review the report and work papers.
16.   Resolve professional disputes.
17.   Clear review points and open items.
18.   Communicate report or findings.
19.   Help attorney prepare court case/testify.
20.   Perform follow-up procedure.
21.   File work papers/report.

Source: Carmichael et. al, PPC Fraud Detection, Vol.1, Ch. 2 (2002).

          Financial Audit v. Forensic Audit

“ During one investigation, we found in the auditing
     working papers written in the margin of the
     internal audit working papers by the internal audit
     manager: ‘Conceal from bankers,’ says Nicholas L.
     Feakins, CPA, partner at San Mataeo, Calif based
     forensic accounting firm Feakins & Feakins. “ It
     sounds amazing, but the [third-party] auditors has
     put B-level staff on the project who simply didn’t
     read the documents and missed it.”
MiniScribe, one of the world’s largest disk-drive
     makers, which in the late 1980s was
     surreptitiously shipping bricks instead of disk
     drives to the Far East and receiving credit from the
     bank for the amount of the shipments. “After all,”
     he says “it’s going to be 90 days until they ship the
     brick back to you. “MiniScribe’s public accounting
     firm, Coopers & Lybrand, didn’t catch the false-
     revenue scam during its regular audits-but a
     forensic accountant did.”

Jake Poinier, “ Fraud Finder,” Future Magazine, Fall 2004,
                            Materiality Unimportant

        “Auditing is governed by materiality. In
        investigative accounting, it is the opposite.
        I am looking for one transaction that will be
        the key. The one transaction that is a little
        different, no matter how small the
        difference, and that will open the door.”
        Lorraine Horton, owner of L. Horton & Associates in Kingston, R.I.

“Fraud usually starts small. It begins with little
   amounts, because the perpetrator is going
   to test the system. If they get away with it,
   then they keep on increasing and
   increasing it.”
                                             Robert J. DiPasquale

Source: H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
    Accountant, February 2004, pp. 23-28.

       Forensic Accounting v. Auditing

“Forensic accounting is very different from
auditing in that there is no template to use.
There are no set rules. You don’t know when
you go into a job how it is going to be.”
             Lorraine Horton, Kingston, R.I
“Forensic accounting “is a very competitive
 field. What is interesting is that you may be a
 good accountant, but not a good forensic
 accountant. The training and the way you look
 at transactions are different.”
          Robert J. DiPasquale, Parsippany, N.J.
“Unlike auditing, lower-level staff often can’t
 be used for an engagement. They normally will
 not spot anything out of the ordinary, and an
 experienced person should be the one testifying
 as well as doing the investigative work.”
Lorraine Horton, Kingston, R.I.

Source; H.W. Wolosky, “Forensic Accounting to the Forefront,”
 Practical Accountant, February 2004, pp. 23-28.

SAS No. 99 Recommendations

   Brainstorming.
   Increased emphasis on professional
   Discussions with management.
   Unpredictable audit tests.
   Responding to management override of


   An attitude that includes a
    questioning mind and a critical
    assessment of audit evidence.
   An auditor is instructed to conduct
    an audit “with a questioning mind
    that recognizes the possibility that
    a material misstatement due to
    fraud could be present, regardless
    of any past experience with the
    entity and regardless of the
    auditor’s belief about
    management’s honesty and
   “Things are not always as they
    appear, sonny boy.” James
    Patterson, Honeymoon, Warner
    Books, 2006.

Ronald Reagan said with respect to
Russia, “Trust, but verify.”

FA’s motto should be “Trust no
one; question everything; verify.”
This ain’t my first rodeo
I didn’t make it all the way through
But my mama didn’t raise no fool.
I may not be the Einstein of our time.
But honey, I’m not dumb and I’m not
                                               Vern Gosdin

   Assume there may be wrong
   The person may not be
   The document may be altered.
   The document may be a
   Officers may override internal
   Try to think like a crook.
   Think outside
    the box.

      SAS No. 99: Brainstorming
Aims to make the auditor’s consideration
  of fraud seamlessly blended into the
  audit process and continually updated
  until the audit’s completion.
Brainstorming is now a required
  procedure to generate ideas about how
  fraud might be committed and
  concealed in the entity.
 No ideas or questions are dumb.

 No one owns ideas.

 There is no hierarchy.

 Excessive note-taking is not allowed.

Source: Michael Ramos, “Auditors’ Responsibility for Fraud
  Detection,” J. of Accountancy, January, 2003, pp. 28 – 36.

                 More Brainstorming

 Best to write ideas down, rather than say
  them out loud.
 Take plenty of breaks.
 Best ideas come at the end of session.
 Important to not define the problem too
  narrow or too broad.
 Goal should be quantity, not quality.
 Geniuses develop their most innovative
  ideas when they are generating the greatest
  number of ideas.
 No such things as bad ideas.
 Many companies are great at coming up
  with good ideas, but lousy at evaluating and
  implementing them.

Source: A.S. Wellner, “Strategies: A Perfect Brainstorm,” Inc.
  Magazine, October 2003, pp. 31-35

How Management Overrides Controls
         (SAS No. 99)

    Recording fictitious journal
     entries (especially near end of
     quarter or year).
    Intentionally biasing
     assumptions and judgments
     used to estimate accounts
     (e.g., pension plan
     assumptions or bad debt
    Altering records and terms
     related to important and
     unusual transactions.

The SEC has recently adopted the
proactive strategy of “wildcatting”
where investigations into entire
industries and business sectors are
begun after evidence emerges from
only one company in the group
regarding financial reporting problems.

Over time, the PCAOB will probably
be able to identify peculiarities within
existing or evolving industries that
require either standard setting or
regulatory attention, or both.
Source: Berton, L., “U.S. Accounting Watchdogs Try to Shut Barn Door,”, April 2, 2004; J.H. Edwards, “Audit Committees: The Last
Best Hope,” Journal of Forensic Accounting, Vol. IV (2004), pp. 1-20.

An auditor must perform a walkthrough of a
company’s significant processes (each major
class of transactions).

Can not be achieved secondhand.

According to PCAOB, in a walkthrough an auditor
traces “company transactions and events – both
those that are routine and recurring and those
that are unusual – from origination, through the
company’s accounting and information systems
and financial report preparation processes, to
their being reported in the company’s financial

Auditors should perform their own walkthroughs
which provides auditors with appropriate
evidence to make an intelligent assessment of
internal controls.

Source: PCAOB Briefing Paper, Proposed Auditing Standards, October 7, 2003.

Slot Machine Example

Revenue Flows

          Wandering Around
• Informal observations while in the
• Especially valuable when assessing the
  internal controls.
• Observe employees while entering and
  leaving work and while on lunch
• Observe posted material, instructions,
  job postings.
• Observe information security and
• Observe the compliance with
• Appearance is not necessarily reality.
  Man of La Mancha
 New Terms in Financial Reports:
 Deficiencies Have No Bright Lines

Control deficiency – one that might allow a
   bad number to get into the financial
   reports (e.g., the likelihood that a
   company misstates reports is remote– 1
   out of 20).
   Example: company does not check
  changes made by a salesman in a minor

Significant deficiency – more serious flaw
   or a number of flaws that increase the
   chances that wrong numbers will
   significantly distort financial statements
   (e.g., more than remote).
  Example: company not checking for
   changes to terms of several key
  Need only to report to BOD, but some
   companies are making them public.

   Deficiencies Have No Bright Lines

  Material weakness – deficiencies are so
   bad that there is more than a remote
   change of a material misstatement in
   financial statements.
  Example: a bank does not regularly
   check for errors in estimating loan-loss
   expenses (i.e., Fannie Mae reported a
   $1.3 billion error from its computer
   model, many in an uncontrolled
  They must be reported.
    David Henry, “How Clean Are the Books?” Business Week, March 7,
   2005, pp. 108-109.
     Firms that reported material
     weaknesses in tax accounting lost an
     average of 5.8% of their stock value 60
     days after the announcement.
     As of 11-14-05, 695 companies have
     disclosed material weaknesses in their
     annual report.
     Material Weakness Areas

 AREAS OF FAILURE                  2005    2004
 Tax accruals/ deferrals           34.5%   32.0%
 Revenue recognition               28.4    31.3
 Inventory/ vendor cost of sales   23.7    27.4

 Fixed/ Intangible assets          16.0    18.6
 Leases or contingencies            9.3    16.8
 Cash flow (FAS 95 error)           8.8      --
 Consolidation (Fin 46 issues)      6.7     9.0

  * 10% of corporate filers in 2005 and 16% in


             Law Suits Few So Far
• Companies reporting problems with internal
controls have not seen a big increase in class-action
lawsuits, according to a study by Deloitte & Touche
between November 2003 and August 2004.
• Deloitte said only 6% of the 290 companies
reporting internal-control flaws were sued.
• 52% of the firms had material weakness in their
internal controls.
• These internal control announcements did not
seem to send prices downward.
• Highest incidence of internal controls:
       -computer-software firms
       -health-care and pharmaceutical companies.
       - financial-services firms
       -telecommunication companies.

Source: Judith Burns, “Few Firms Are Sued Over Flaws in Internal
Controls, Study Finds, WSJ, December 29, 2004, p. B-5.
           Think Like A Crook

   Know your enemy as you know yourself,
    and you can fight a hundred battles with
    no danger of defeat.” Chinese Proverb.
   Military leaders study past battles.
   Football and basketball teams study
    game films of their opponents.
   Chess players try to anticipate the moves
    of their opponent.

Examples: If contracts above $40,000 are
   normally audited each year, check the
   contracts between $30,000-$40,000.
  FAs must learn the tricks of the trade as
   well as the trade.

      Think Outside the Box

American astronauts returning from
space complained that they could
not write with their pens in zero
gravity. NASA set aside $1 million
to develop a sophisticated pen that
would function in space.
The Russians encountered the same
problem. What did they do?

     Three Major Phases of Fraud

1. The Act itself.
2. The concealment of the fraud (in financial
3. Conversion of stolen assets to personal use
   (interest free loans to Tyco executives
One can study any one of these phases.

 Things being stolen: conduct surveillance
  and catch fraudster.
 If liabilities being hidden, look at financial
  statements for concealment.
 If fraudster has unexpected change in
  financial status, look for source of wealth.

Source: Cindy Durtschi, “The Tallahassee Bean
   Counters: A Problem-Based Learning Case in
   Forensic Audit,” Issues in Accounting Education, Vol.
   18, No. 2, May 2003, pp. 137-173.

             The Methods

   Asset misappropriation
    accounted for more than four out
    of five offenses or 91.5% in
    2006 (92.7% in 2004).
   Bribery and corruption
    constituted about 30.8% in 2006
    (30.1% in 2004) of offenses.
   Fraudulent statements were the
    smallest category of offense
    10.6% in 2006 (7.9% in 2004)
    (most costly). $2 million per
Source: 2006 Wells Report, ACFE.

      Fraudulent Disbursements

    Fraudulent disbursements
     account for three-quarters of
     the losses, and the most
     expensive tend to be
     fraudulent disbursements
     through billing schemes (45%).
    Therefore, internal auditors
     seeking to get the biggest bang
     for their investigative bucks
     should begin by making sure
     company vendors are for real.
    Check tampering (30%).
Source: J.T. Wells, “An Unholy Trinity,” Internal
    Auditor, April 1998, p. 33.

     Restatements of Financial Statements
              2006                   1,420 (10%)
              2005                   1,225(8.6%)
              2004                   650
              2003                   514
              2002                   330
              2001                   270
              1999                   216
              1998                   158

Reasons for 2004 restatements:
1. Revenue recognition.
2. Equity accounting.
3. Revenues, accruals, contingencies.
•     15% were repeat filers.
•     Arthur Andersen had averaged 11 restatements
      before 2002. In 2002, they had 40, with 26 after
      new auditors were retained.

    Source: Greg Farrell, “Restatements of Earnings in 2005 to Break
    Record,” USA Today 12/29/2005; Stephen Taub,, March 3, 2006.
     Class Action Securities Fraud Actions

        Year                                    Year
        2006                114                 2000               215
        2005                181                 1999               208
        2004                233                 1998               240
        2003                223                 1997               175
        2002                267                 1996               112
        2001                497                 1995               188

 Although the number of shareholder class
 action lawsuits have gone down,
 settlements are now much bigger (average
 $65 million). Unions and retirement funds
 are playing an increasing role, resulting in
 much higher settlements.

Stanford Law School Securities Class Action Clearing House,; “Classier Actions,” The Economist, February 17,
2007, pp. 76-77.
    Auditors Must be Alert for:

   Concealment
   Collusion
   Evidence
   Confirmations
   Forgery
   Analytical relationships

Source: Gary Zeune, “The Pros and Cons.”
“Things are not what you think they
    are.” Al Pacino, “The Recruit.”

An Average of Seven People Involved

 Authors Robert Tillman and
  Michael Indergaard found that of
  the 834 companies that issued
  restatements between January 1,
  1997 and June 30, 2002, 374 or
  45% were accused of securities
 An average of 7 persons were
  normally involved – CEOs, CFOs,
  COOs, general counsel, directors,
  and internal and external auditors.

Measures Helpful in Preventing Fraud

 1.   Strong Internal Controls (3.66)
 2.   Willingness of companies to
      prosecute (3.44)
 3.   Regular fraud audit (3.40)
 4.   Fraud training for auditors (3.33)
 5.   Anonymous fraud reporting
      mechanisms (3.27)
 6.   Background checks of new
      employees (3.25)
 7.   Established fraud policies (3.12)
 8.   Ethical training for employees (2.96)
 9.   Workplace surveillance (2.89)

             Source: 2004 Wells Report

         Anti-Fraud Measures –
     Months to Detect – Median Loss

                            YES        NO
1.    Hotlines            $100,000   $200,000
                            (15)       (24)
2.    Internal audits    $120,000    $218,000
                           (18)        (24)
3.    External audits     $181,000   $125,000
                            (23)       (18)
4.    Surprise audits     $100,000   $200,000
                            (15)       (24)
5.    Fraud awareness/    $100,000   $200,000
      Ethics Training       (15)       (24)

Source: 2006 Wells Report, ACFE.

Code of Ethics Required by Sarbanes-Oxley

  Section 406: Public issuer has to
      adopt a code of ethics for senior
      financial officers to deter wrong –
      doing and to promote
  1.  Honest and ethical conduct.
  2.  Full, fair, accurate, timely and
      understandable disclosure in SEC
  3.  Compliance with government
      laws, rules, and regulations.
  4.  Prompt internal reporting code
  5.  Accountability for adherence to
      the code.

          More Hints …
   Check employee
   Stop giving the employee/client the
    answer when you ask a question.
   Zero tolerance for allowing
    employee/executive to get away
    with anything.
   Always reconcile the bank
   Try to think like a criminal.
   Get inside the criminal’s mind. Be a
   Do not assume you have honest
   Bond employees.
   Uni-ball gel pens.
            Source: Gary Zeune

              Auditing Hints
• SAS No. 99 does not require auditors to make
  inquiries of “others,” as opposed to
  management. Auditors must talk to and
  interview others below management level. If
  asked, employees may be willing to report
  suspicious activities.
• Use independent sources for evaluating
  management (e.g., financial analysts). Surf
  the internet.
• Auditors need to follow the performance
  history of managers and directors.
• If a company has an anonymous reporting
  system, obtain information about the
  incidents reported and consider them when
  assessing fraud risk.
• Be sure to perform analytical procedures, and
  the work should be reviewed by senior
  members of the audit team.                  195
           Auditing Hints (cont.)

• Auditors should select sample items below
  their normal testing scope (e.g., HealthSouth).
• Fraud procedures should be more than
  checklists. Audits should focus on finding and
  detecting fraud.
• Ask for and review all “top drawer” entries.
• Ask for and review all side agreements.

Check References and Resume

Fraud 101: Fraudsters can
change their job and address, but
they can not change who they

         Integrity Testing
   Pre-employment drug testing.
   Post-employment drug testing
    more sensitive.
   Pre-employment polygraph tests
    prohibited by 1988 Act (Federal,
    State, Local Governments and
    Federal Contractors exempted
    from the Act).
   Written integrity tests.

       Lavish Executive Pay
     Many of the companies indicted by
      the SEC after Enron had one thing
      in common: CEOs were making
      about 75% above their peers.
     The common thread among the
      companies with the worst corporate
      governance is richly compensated
      top executives, as per the
      Corporate Library, Portland, Maine
      governance-research firm. Hefty
      pay checks and perks to current or
      former chief executives.
     Poor BODs have in common: an
      inability to say no to current or
      former chief executives.

Source: Monica Langley, “Big Companies Get Low
     Marks for Lavish Executive Pay,” Wall Street J.,
     June 9, 2003, p. C-1.

        Impaired Independence
     The independence of the auditor will probably be
     impaired and reduce the quality of financial
     statement audits, if any of the following conditions
     occur during financial statement audits:

1)   auditor’s excessive personal loyalty to the audit
2)   auditor’s fear of losing client to a competitive CPA,
3)   auditor’s fear of a lawsuit if CPA withdraws from
     audit engagement,
4)   auditor’s fear of harming client with audit opinion
     other than unqualified, and
5)   auditor’s conflict between consulting and auditing
     services offered.

     G. D. Moyes and A. Anandarajan, “CPAs’ Perceptions of Factors Influencing the
     Quality of Financial Statement Audits: Substandard Performance and Impaired
     Independence,” J. of Forensic Accounting, Vol. 7, 2006, p. 133.

   Earnings Management
Earnings management may be defined as
the “purposeful intervention in the
external financial reporting process, with
the intent of obtaining some private gain.”

– Katharine Schipper, “Commentary on Earnings
Management,” Accounting Horizon, December 1989, p. 92.

Earnings management occurs when
managers use judgments in financial
reporting and in structuring transactions to
alter financial reports to either mislead some
stakeholders about the underlying economic
performance of the company, or to influence
contractual outcomes that depend on
reported accounting numbers.

                                P. Healy and J. Wahlen

      Earnings Management
The difference between earnings
management and financial
statement fraud is the thickness of
a prison wall.
           D. Larry Crumbley
The difference between earnings
management and financial
statement fraud is like the
difference between lightning and a
lightning bug.
           D. Larry Crumbley

     Capital Market Incentives to
          Manage Earnings
1.   Management buyout firms, on average, manage their
     earnings downward prior to the buyout.
2.   Roughly 12 percent of firms making seasoned or initial
     equity offerings manage their earnings upward by about 5%
     of total assets prior to the offers.
3.   Firms who are in danger of failing to meet management
     earnings forecasts, on average, manage their earnings
     upward prior to releasing the annual earnings figure.
4.   Firms, on average, manage their earnings to meet or beat
     expectations of financial analysts.
5.   Firms that meet or beat analysts’ expectations earn about
     8% incremental annual market-adjusted returns relative to
     firms that fail to do so.
6.   Firms with zero or a positive earnings surprise earn
     incremental quarterly returns of 2.3%, and firms with
     positive earnings surprise earn further incremental quarterly
     returns of 3.4%.
7.   About 40% of firms confronted with reporting slight losses
     tend to manage their earnings in order to report positive
8.   About 12% of firms confronted with reporting slight earnings
     decreases tend to manage their earnings in order to report
     small earnings increases.
9.   Investors do not see through most earnings management as
     evidenced by the fact that firms flagged for earnings
     management by regulators show an average stock price
     decline of 9%.

Source: Masser Spears, “The Impact of Earnings Mgt. on the Credibility of
     Corporate Financial Reporting,” Petroleum Acctg. and Financial
     Mgt., Summer 2007, pp. 47-48.

       Contracting Incentives to
          Manage Earnings
1.   There is no evidence of earnings
     management behavior by firms close to their
     dividend covenant. Instead, these firms tend
     to manage their cash flows.

2.   There is inconclusive (mixed) evidence of
     earnings management behavior by firms to
     other debt covenants, such as interest
     coverage or leverage ratios.

3.   Some managers manipulate earnings to
     increase bonus awards. There is no evidence
     on the pervasiveness or the stock market
     impact of this form of earnings management.

Source: Masser Spears, “The Impact of Earnings Mgt. on the
    Credibility of Corporate Financial Reporting,” Petroleum
    Acctg. and Financial Mgt., Summer 2007, pp. 47-48.
        Regulatory Incentives to
           Manage Earnings
1.   There is strong evidence that suggests that
     firms manage earnings (a) to avoid
     regulatory constraints, (b) to take advantage
     of governmental benefits, and (c) to avoid
     regulatory exposure.

2.   There is no direct evidence about how and
     whether regulators impound those forms of
     earnings management behavior.

Source: Masser Spears, “The Impact of Earnings Mgt. on the
    Credibility of Corporate Financial Reporting,” Petroleum
    Acctg. and Financial Mgt., Summer 2007, pp. 47-48.
    Management or Manipulation?

   More than one-half of CFOs say they can
    legally influence reported earning by 3% or
   Operational levers: delaying operational
    spending, accelerating order processing,
    and driving sales force more.
   Accounting steps: changing the timing of an
    accounting change and adjusting
   One-third of CFOs would try to influence
    results: 24% upward or 8% would try to cut
   Few CFOs think their auditors would catch
   If the auditors caught it, they probably
    would not bring it up to management.

Don Durfee, “Management or Manipulation?” CFO, December, 2006, p.
Financial Statement Fraud Schemes

 Category                           %
 Concealed Liabilities             45.0%
 Fictitious Revenues               43.3%
 Improper Asset Valuations         40.0%
 Improper Disclosures              37.5%
 Timing Differences                28.3%

Source: 2006 Wells Report, ACFE.

    Good Earnings Management

 Careful timing of capital gains and
 Use of conferencing technology to
reduce travel costs; and
 Postponement of repair and
maintenance activities when faces
with unexpected cash flow declines.

L. G. Weld et. al, “Anatomy of a Financial Fraud,” The
CPA Journal, October 2004.

    Abusive Earnings Management

 Improper revenue recognition (e.g., bill and hold
 Improper expense recognition.

 Using reserves to inflate earnings in years with
  falling revenues (cookie jar accounting).
 Shifting debt to SPE.

 Channel stuffing.

 Capitalizing marketing costs rather than expensing.

 Extending useful lives and inflating salvage values.

 Cookie jar reserves.

 Accelerating revenue from leasing equipment.

 SPEs not consolidated.

     Early Warning Signs of
     Earnings Management

 Cash flows that are not correlated with
Receivables that are not correlated with
 Allowances for uncollectible accounts that
are not correlated with receivables;
 Reserves that are not correlated with
balance sheet items;
 Acquisitions with no apparent business
purpose; and
 Earnings that consistently and precisely
meet analysts’ expectations.

Magrath and Weld, “Abusive Earnings Management and
Early Warning Signs,” The CPA Journal, August 2002.

Some Red Flags of Earnings Management

  1.    CEO is also Chairperson of BOD (e.g.,
  2.    Insiders have majority control of BOD.
  3.    Weak system of internal controls.
  4.    Performance emphasis on short-term goals.
  5.    Weak or non-existent Code of Ethics (e.g.,
  6.    Questionable business strategies with
        opaque disclosures (e.g., special purpose
  7.    CEO is uncomfortable with criticism (Enron’s
        Jeff Skilling).
  8.    CEO or other senior management turnover
        (Qwest’s CFO).
  9.    Insiders selling stock (Enron’s Ken Lay).
  10.   Independence problem from large non-audit
        fees paid to external auditors (e.g.,
  11.   Company’s investment banker has
        independence problems (e.g., Parmalat,

      Types of Financial Statement Fraud Schemes

       Three professors have broken financial
       statement fraud schemes into these ten

 1.    Fictitious and/or overstated revenues and
       assets (e.g., non-ordered or cancelled goods).
       Sunbeam created revenues by contingent
       sales, a bill-and-hold strategy, and
       accelerated sales. Digital Lightware, Inc.
       recognized fraudulent billings. Cendant
       Corporation created fictitious revenues, and
       Knowledge Ware inflated revenues with
       phony software sales. Xerox, Bristol-Mayers,
 2.    Premature Revenue Recognition (e.g., holding
       books open). 35-day month.
 3.    Misclassified Revenues and Assets (e.g.,
       combining restricted cash accounts with
       unrestricted cash accounts). School districts
       and universities may engage in this strategy
       with dedicated funds.

Source: S.E. Bonner, Z. Palmrose, and S.M. Young, “Fraud Types and Auditor
Litigation,” The Accounting Review, October 1998, pp. 503-532.
     Types of Financial Statement Fraud Schemes
                       (contd …)

4.     Fictitious Assets and/or Reductions of
       Expenses/Liabilities (e.g., recording
       consigned inventory as inventory).
5.     Overvalued Assets or Undervalued
       Expenses/Liabilities (e.g., insufficient
       allowance for bad debts). Enron.
6.     Omitted or Undervalued Liabilities (e.g.,
       understated pension expenses). Hiding
       losses (Allied National Bank).
7.     Omitted or Improper Disclosures (e.g., stock
       option expense estimates).
8.     Equity fraud (e.g., recording nonrecurring
       and unusual income or expense in equity).
9.     Related-Party Transactions (e.g., fictitious
       sales to related parties). Enron had many
       related-party transactions. REFCO, Adelphia.
10.    Financial Fraud Going the Wrong Way (e.g.,
       for tax purposes reducing income or
       increasing expenses).

        Wrong Way Earnings Management

      Freddie Mac understated past
       earnings as much as $5 billion.
      Certain transactions and accounting
       policies were “implemented with a
       view to their effect on earnings”
       (e.g., to smooth earnings).
      Restatements will result in higher
       earnings in prior periods but lower
       earnings in future periods.
      Employees appeared to knowingly
       violate accounting rules in an effort
       to manipulate earnings.
Source: Patrick Barta and J.D. McKinnon, “Freddie Mac Profits May Have Been
       Low By Up to $4.5 Billion,” Wall Street J., June 26, 2003, pp. C-1 and
       C-11. Bethany McLean, “The Fall of Fannie Mae,” Fortune, January 24,
       2005, pp. 123-140.

           Fannie Mae’s Problem
• Fannie Mae was ordered by the SEC [2004]
to a restatement of earnings of $ 9 billion
(reducing earnings since 2001). Misuse of
hedge-accounting transactions and improper
accounting for loans.
• CFO J. Timothy Howard resigned with an
annual pension of $400,000 and lifetime
access to Fannie Mae’s Medical benefits. Plus
$ 4 million of stock options.
•CEO Franklin Raines was paid more than
$60 million over a 6 year period. On Dec. 21,
2004, Raines took early retirement. $ 1
million annually for life.
•The Board replaced KPMG as Fannie’s
Source: Bethany McLean, “The Fall of Fannie Mae,” Fortune, January
24, 2005, pp. 123-140. Mike McNamee, “Franklin Raines Lost
Gamble,” Business Online, December 22, 2004.
      Cooking the Books-Symbol Technologies

   From 1998 through February 2003, Symbol used a so-
    called “Tango sheet” process through which fraudulent
    “topside” accounting entries were made to reserves
    and other items to conform the unadjusted quarterly
    results to management’s projections;

   Fabrication and misuse of restructuring merger and
    other non-recurring charges to artificially reduce
    operating expenses, create “cookie jar” reserves
    (overstating inventory write-offs) and further manage

   Channel stuffing and other revenue recognition
    schemes, involving both product sales and customer
    services; stuffed the channel by granting resellers
    return rights and contingent payment terms in side

   Manipulation of inventory levels and accounts
    receivable data to conceal the adverse side effects of
    the revenue recognition schemes.

      Cooking the Books-Symbol Technologies

   Warehouse arrangement with a large foreign
    distributor that served as a vehicle for improperly
    recognizing several millions of dollars.

   Directed employees to refrain from scanning new
    components or returned goods into the automated
    accounting system.

   Backdated (cherry picked) stock option exercise dates.

   When “days sales outstanding’ because too large
    because of fraudulent revenue recognition, reclassified
    past due trade accounts receivable into notes
    receivables. A growing DSO figure is often a sign that
    receivables are impaired due to channel stuffing, etc.

   Deferred $3.5 million of FICA insurance costs to a later

   Recognized revenue that was processed in one
    quarter, but shipped the next quarter.

        Seven Investigative Techniques

1.    Public document review and
      background investigation (non-
      financial documents).
2.    Interviews of knowledgeable
3.    Confidential sources.
4.    Laboratory analysis of physical
      and electronic evidence.
5.    Physical and electronic
6.    Undercover operations.
7.    Analysis of financial transactions.

Source: R.A. Nossen, The Detection, Investigation and Prosecution of

      Financial Crimes, Thoth Books, 1993  .
     Financial Fraud Detection

   Interviewing the executives
   Analytics
   Percentage analysis
       Horizontal analysis
       Vertical analysis
       Ratio analysis
   Using checklists to help detect fraud
       SAS checklist
       Attitudes/Rationalizations checklist
       Audit test activities checklist
       Miscellaneous fraud indicator checklist

“Objectively obtaining and evaluating evidence is the
   essence of auditing.”
     (AAA, Committee on Basic Auditing Concepts, 1973, 2)

         Investigative Techniques

         Public Document Review
 Real  and personal property records.
 Corporate and partnership records.

 Civil and criminal records.

 Stock trading activities.

 Check vendors.

           Laboratory Analysis
 Analyzing  fingerprints.
 Forged signatures.

 Fictitious or altered documents.

 Mirror imaging or copying hard
  drives/company servers.
 Use clear cellophane bags for paper
          Analytical Procedures
Analytical procedures involve the study or
  comparison of the relationship between
  two or more measures for the purpose of
  establishing the reasonableness of each
  one compared. Five types of analytical
  procedures help find unusual trends or
  relationships, errors, or fraud:
 Horizontal or Percentage Analysis

 Vertical Analysis

 Variance Analysis

 Ratio Analysis or Benchmarking

 Comparison with other operating

Source: D.L. Crumbley, J.J. O’Shaughnessy, and D.E.
    Ziegenfuss, 2002 U.S. Master Auditing Guide,
    Chicago: Commerce Clearing House, 2002, p.
    592.                                              221
         Sales v. Net Income
Forensic accountants should compare the
trend in sales with the trend in net income.

For example, from 1999 to 2001,
HealthSouth’s net income increased nearly
500%, but revenues grew only 5%. On
March 19, 2003, the SEC said that
HealthSouth faked at least $1.4 billion in
profits since 1999 under the auditing eyes
of Ernst & Young.

The SEC said that HealthSouth started
cooking its numbers in 1986, which Ernst &
Young failed to find over 17 years.
HealthSouth also inflated its cash balances.

    Beware Inter-company Entries
 HealthSouth used PeopleSoft, with at
least 2,000 different ledgers.

Suspense Account             xx
      Revenue                       xx

Accounts Receivable xx
Inventory                    xx
Property                     xx
       Suspense Account             xxx

Most of the entries were inter-company

During 2005, 2004, and 2003,
professional fees associated with the
reconstruction of HealthSouth’s financial
records and restatement of 2001 and
2002 consolidated financial statements
approximated $206.2 million and $70.6
million, respectively.
     Financial Statement Fraud Audit

1.     Obtain current year’s financial
2.     Obtain prior 3 years’ financial
3.     Perform vertical/ horizontal analysis of
       the 4 years, plus all current quarters.
4.     Pay attention to footnotes.
5.     Analysis of %s and footnotes by senior
6.     Nonsense %s and footnotes inquire
       explanations from financial
7.     Interview lower level financial
       employees who approved
       questionable journal vouchers.
8.     Combine explanations with visits to
       accounting records/ source

             Horizontal Analysis

Suppose advertising in the base year
was $100,000 and advertising in
the next three years was $120,000,
$140,000, and $180,000. A
horizontal comparison expressed as
a percentage of the base year
amount of $100,000 would appear
as follows:

             Year 4      Year 3     Year 2      Year 1

              $180,000   $140,000    $120,000   $100,000
Comparison     180%        140%        120%       100%

      Red Flags with Horizontal Analysis

   When deferred revenues (on the balance sheet)
    rise sharply, a company may be having trouble
    delivering its products as promised.
   If either accounts receivable or inventory is rising
    faster than revenue, the company may not be
    selling its goods as fast as needed or may be
    having trouble collecting money from customers.
    For example, in 1997 Sunbeam’s revenue grew
    less than 1% but accounts receivable jumped 23
    percent and inventory grew by 40 percent. Six
    months later in 1998 the company shocked
    investors by reporting a $43 million loss.
   If cash from operations is increasing or decreasing
    at a different rate than net income, the company
    may be being manipulated.
   Falling reserves for bad debts in relation to
    account receivables falsely boosts income (cookie
    jar accounting).

                  More Red Flags
   Look for aggressive revenue recognition
    policies (Qwest Communication, $1.1 billion
    in 1999-2001). Beware of hockey stick
   Beware of the ever-present nonrecurring
    charges (e.g., Kodak for at least 12 years).
   Check for regular changes to reserves,
    depreciation, amortization, or comprehensive
    income policy.
   Related-party transactions (e.g., Enron).
   Complex financial products (e.g.,
   Unsupported top-side entries (e.g.,
   Under-funded defined pension plans.
   Unreasonable management compensation

Source: Scott Green, “Fighting Financial Reporting Fraud,”
   Internal Auditor, December 2003, pp. 58-63.
        Five Statistically Significant Ratios

   Use the ratios for two successive fiscal
   Convert into indexes for benchmarking.

Day’s Sales in Receivable Index:
           (Accounts Receivable t / Sales t )
         (Accounts Receivable t-1 / Sales t-1)
Index for manipulators: 1.5 to 1
Gross Margin Index:
           [(Sales t-1 - Cost of Sales t-1 ) / Sales t-1]

           [(Sales t - Cost of Sales t ) / Sales t]
Index for manipulators = 1.2 to 1
Source: M.D. Beneish, “The Detection of Earnings
   Manipulation,” Financial Analysts Journal,
   September/October, 1999. t-1 = prior year.

         Five Statistically Significant Ratios

Asset Quality Index =

1- (Current Assets t + Net Fixed Assets t )
                           Total Assets t

1 - (Current Assets t-1 + Net Fixed Assets t-1)
                           Total Assets t-1

Index for manipulators = 1.25 to 1
Sales Growth Index : Sales t / Sales t-1

Manipulators: 60%
Non manipulators 10%

Source: M.D. Beneish, “The Detection of Earnings
   Manipulation,” Financial Analysts Journal,
   September/October, 1999. t-1 = prior year.

      Five Statistically Significant Ratios

Total Accruals to Total Assets =
   Δ Working Capital t - Δ Cash t - Δ Current Taxes
   Payable t - Δ Current Portion of LTD t - Δ
   Accumulated depreciation and amortization t
                  Total Assets t

TATA for manipulators: .031
TATA for non manipulators: .018

Source: M.D. Beneish, “The Detection of Earnings
   Manipulation,” Financial Analysts Journal,
   September/October, 1999. LTD = Long-term debt.

        A Charles Lundelius Example

Comparison to peer group benchmarks:

Characteristic       MPS       Peer group           % over
DSRI                 1.56         1.03        51%
GMI                  2.00         1.10        82%
AQI                  1.23         1.04       18%
SGI                  1.50         1.20       25%
TATA                 0.10         0.05       100%

Source: C.R. Lundelius, Financial Reporting Fraud, AICPA, 2003, p.
         Z-Score Methodology
1.   Altman’s Z-Score (Manufacturers)
     AZ-Score = 1.2X1 + 1.4X2 + 3.3X3 + 0.6X4 +
     X1 = Working Capital/Total Assets
     X2 = Retained Earnings/Total Assets
     X3 = EBIT/Total Assets
     X4 = Market Value of Equity/Total Liabilities
     X5 = Sales/Total Assets
     Above 2.99, indicates sound financial health.
     Grey zone, no conclusion can be drawn.
     Below 1.81, indicates financial distress.

2.   Altman’s Double Prime Z-Score
     Change X4 to Total Shareholders’ Equity
     Drop X5
     ADPZ-Score = 6.56X1 + 3.26X2 + 6.72X3 +
     Above 2.6, strong.
     Grey zone, no conclusion can be drawn.
     Below 1.1, weak.                            232
     Z-Score Methodology (cont.)
3.   Private Company Model
     Use book value rather than
     market value of equity.
     PMZ-Score = 0.717X1 + 0.847X2
     + 3.107X3 + 0.420X4 + 0.998X5
     Above 2.90, safety zone.
     Grey zone, no conclusion.
     Lower than 1.23, distress zone.
4.   Hillegeist DPM
     Gives probability of default.
     HZ-Score = 3.835 + 1.13X1 +
     0.005X2 + 0.269X3 + 0.399X4 –
     Where 3.835 is constant.
     Higher the score, the better.
1.   In order to determine how risky a particular company is
     that you are auditing, you prepare these five ratios
     along with the same ratios of this company’s peers:
                                        Company     Peers
      Day’s Sales in Receivable Index     1.51       1.05
      Gross Margin Index                  1.98       1.11
      Asset Quality Index                 1.21       1.01
      Sales Growth Index                  1.53       1.19
      Total Accruals to Total Assets      0.11       0.06

     What are your thoughts about the risk potential of
     this company?
2. You are provided the following information about a
   company for two years (in millions):
                                           2005       2006
      Sales                             $23,000     32,000

      Cost of Sales                      11,960     17,600
      Accounts Receivable                 4,830     10,560

   a. Days Sales in receivable index.
   b. Gross margin index.
   c. Sales growth index.
   Any thoughts about this company?
                        Ratio Analysis

1. Current ratio =
   Current assets (cash and equivalents, receivables and inventories)
   Current liabilities (payables, accruals, taxes, and debt due in 1 year)

                   Cash and equivalents plus receivables
2. Quick ratio =             Current liabilities

3. Working capital = Current assets – Current liabilities

                        Cost of goods sold
4. Inventory turnover = Average inventory

   The number of days inventory is on hand can be calculated as
                        Inventory turnover

                           Net credit sales
5. Receivables turnover = Average receivables

                         Cost of goods sold
6. Gross Margin = 1 –           Sales

              Excel Spreadsheet
Sherron Watkins discovered the Enron fraud in
2001 when she was again working under Andy
Fastow, CFO. She took a simple inventory, using an
Excel spreadsheet to calculate which of the
division’s assets were profitable and which were
         She discovered the special purpose
entities called Raptors, off-the-books partnerships.
Enron had hidden hundreds of millions of losses by
borrowing money from Raptors and promising to
pay the loans back with Enron stock. Enron was
hedging risks in its left pocket with money from its
right pocket.
         As the value of Enron stock fell and the
losses in the Raptors mounted, Enron had to add
more and more stock because Enron had risked
97% of the losses, and Arthur Andersen had agreed
to the accounting.

Source: Mimi Swartz and Sherron Watkins, Power Failure,
New York: Doubleday, 2003, p. 269.

    Investigative Technique: Videotapes
   Average big city resident caught on videotape
    about 75 times a day. Common in workplaces and
    stores (USA).

 Former Coca-Cola secretary convicted of
  conspiring to steal and willing to sell confidential
  Coca-Cola documents and samples of products
  that the company was developing to Pepsi.

 Coca-Cola security expert testified that
  surveillance cameras were monitoring Joya
  Williams’ movements. The surveillance was a key
  part of the government’s evidence.

 She stole the materials and was attempting to sell
  for at least $1.5 million.

   Deeply in debt, unhappy at job, and seeking a big

    Could face 10-years in prison.

Myway, “Video Shows Coke Worker Taking Documents,” January
   26, 2007.
Fraud Awareness Auditing:
      Unrefined Oil


Inventory Turnover =         C of GS
                        Average Inventory
                       = $2.9 million = 2.64%
                          1.1 million

Operating Margin = Operating Income
                  = $900,000 = .1125
                    $8 million

         Thinking as a Forensic Auditor
  The Iceberg Theory of Fraud
Overt Aspects
Hierarchy                                      Structural
Financial Resources                            Considerations
Goals of the Organization
Skills and Abilities of Personnel
Technological State                                     Water
Performance Measurement
        Covert Aspects
        Feelings (Fear, Anger, etc.)
        Norms               Behavioral
        Interaction         Considerations

                  Source: G.J. Bologna and R.J.
                  Lindquist, Fraud Auditing and
                  Forensic Accounting, 2nd Edition,
                  New York: John Wiley, 1995, pp. 36-

         Behavioral Concepts Important

        “Not all fraud schemes can
effectively be detected using data-driven
        Instances of corruption-bribery,
kickbacks, and the like – and collusion
consistently involve circumvention of
        Searching relevant transaction data
for patterns and unexplained relationships
often fails to yield results because the
information may not be recorded, per se, by
the system.
        Behavioral concepts and qualitative
factors frequently allow the auditor to look
beyond the data, both with respect to data
that is there and the data that isn’t.”
Source: S. Ramamoorti and S. Curtis, “Procurement Fraud & Data
Analytics, “Journal of Government Financial Management, Winter 2003,
Vol. 52, No. 4, pp. 16-24.

                 Life Styles Important
        For someone who earned a salary of just
$1,000 a month, Rana Koleilat managed to live
a pretty nice life. She traveled by private jet,
took along her servant and hairdresser, and
stayed at luxurious locality in London and Paris.
Back home in Beirut, Lebanon, she lived in a
three-story penthouse. To anyone who asked
how she lived so well, she replied that she had a
“rich uncle.”

        Actually, Koleilat helped manage a
private bank in Beirut, and thereby hangs a tale.
The chairman of the bank said he lost $1.2
billion, and depositors lost another several
hundred million dollars

E.T. Pound, “Following the Old Money Trail,” U.S. News & World Report, April
4, 2005, p. 30.

                Be An Investigator

“Because I was an investigator,” he said.
“O.K.,” she said. “Investigators investigate.
That, I can follow. But don’t they stop
investigating? I mean, ever? When they know
“Investigator never know,” he said. “They
feel, and they guess.”
“I thought they dealt in facts.”
“Not really,” he said. “I mean, eventually they
do, I suppose. But ninety-nine percent of the
time it’s ninety-nine percent about what you
feel. About people. A good investigator is a
person with a feel for people.”

Lee Child, Echo Burning, N.Y.: Jove Books, 2001, p. 281.
  Fraud Identifiers to Spot Fraudsters

    Large ego
    Substance abuse problems or
     gambling addiction
    Living beyond apparent
    Self-absorption
    Hardworking/taking few
    Under financial pressure (e.g.,
     heavy borrowings)
    Sudden mood changes.

Source: G.E. Moulton, “Profile of a Fraudster,”
Deloitte Touche Tohatsu,, 1994.
      Red Flags or Fraud Identifiers
   Earnings problem: downward trend in
   Reduced cash flow: If net income is moving
    up while cash flow from operations is drifting
    downward, something may be wrong.
   Excessive debt: the amount of stockholders'
    or owners' equity should significantly exceed
    the amount of debt.
   Overstated inventories (California Micro) and
    receivables (BDO Seidman): If accounts
    receivables exceeds 15 percent of annual
    sales and inventory exceeds 25 percent of
    cost of goods sold, be careful.
   Inventory plugging: Record sales to other
    chains as if they were retail sales rather than
    wholesale chains (e.g., Crazy Eddie).
   Balancing Act: Inventory, sales, and
    receivables usually move in tandem because
    customers do not pay up front if they can
    avoid it.
   CPA Switching: Firms in the midst of financial
    distress switch auditors more frequently than
    healthy companies.

Red Flags or Fraud Identifiers (contd…)

   Hyped Sales: hyped sales by using his ample
    personal fortune to fund purchases.
   Reducing Expenses: Rent-Way reduced the
    company’s expenses—a reduction of $127
   Ebitda: Earnings before interest, taxes,
    depreciation, and amortization is a popular
    valuation method for capital-intensive
   Off-Balance Sheet Items: Enron had more
    than 2,500 offshore accounts and around
    850 special purpose entities.
   Unconsolidated Entities: Enron did not tell
    Arthur Andersen that certain limited
    partnerships did not have enough outside
    equity and more than $700 million in debt
    should have been included on Enron’s

Red Flags or Fraud Identifiers
   Creative or Strange Accounts: For their
    1997 fiscal year, America Online, Inc.
    showed $385 million in assets on its
    balance sheet called deferred
    subscriber acquisition costs.
   Pension Plans
   Reserve Estimates
   Personal Piggy Bank: Family member
    owners may use a corporation as a
    personal piggy bank at the expense of
    public investors and creditors.
   Barter deals: A number of Internet
    companies used barter transactions
    (or non-cash transactions) to increase
    their revenues.

            Management’s Role

  The Sarbanes-Oxley Act of 2002
mandates that CEOs and CFOs certify in
periodic reports containing financial
statements filed with the SEC the
appropriateness of financial statements
and disclosures.

     In March 2005, the SEC said that
executives are gatekeepers. Thus, an
executive can be in trouble if in a
position to detect wrongdoing below
them and do not move forcefully to
prevent the fraud. It does not matter if
the executive has been lied to. An
executive has the responsibility to cut
through the lies and try to root out the
Carol. J. Loomis, “The SEC Turns the Screws on
Gatekeepers,” Fortune, April 18, 2005, p. 38.

  Pressures On All Sides

  CEOs are now being squeezed as a
result of SOX by BODs, auditors, and
lawyers because these watchdogs are
finally facing genuine liability for their
failures. These watchdogs are trying to
protect their hides.

 Arthur Andersen is out of business, and
directors at WorldCom and Enron are
paying off fraud claims out of their own
pockets. Hank Greenberg, former
Chairman and CEO of AIG said that the
balance of power in corporate America
has shifted.

Diane Brady and Joseph Weber, “The Boss on the Sidelines,”
Business Week, April 25, 2005, p. 88.

          Significant Variables of
          Fraudulent Companies

 Percentage of total Board of Directors
holdings held by insiders.
 Insiders having greater than 50%
control of the BOD.
 CEO also being chairman of the BOD.

 CEO being the company’s founder.

 Lack of an audit committee.

SEC Accounting and Auditing Enforcement Releases (1982-1992).

                              CEO Duality
Eight of the ten recent scandals had board
chairs who were also CEO:
1.Enron                     5. HealthSouth
2.Adelphia                  6. Quest
3.Tyco                      7. Homestore
4.Waste Management          8. Sunbeam

WorldCom and Global Crossing had different
 Chairman and CEO.
Aging Board of Directors. “Easier for
 Management to get away with misdeeds.”
 Enron’s Audit Committee chairman was 72.
 “They can be hard of hearing.” Nearly 10% of
 directors in the S & P’s 500 stock index are
 70 or over.

Source: Louis Lavelle, “Directors: Know When to Fold Them, “Business Week, May 24, 2004, p.14.

              Audit Tests
The Panel on Audit Effectiveness
recommended that surprise or unpredictable
elements should be incorporated into audit
tests, including:
     Recounts of inventory and
        unannounced visits to locations
     Interviews of financial and non-
        financial client personnel in different
     Requests for written confirmations
        from client employees regarding
        matters about which they have made
        representations to the auditors
     Tests of accounts not normally
        performed annually
     Tests of accounts traditionally or
        frequently deemed “low risk”

      Audit Committee Red Flags
• Independence of audit committee from
  management. Audit committee should
  report to BODs.
• The clarity with which the audit
  committee’s responsibilities are articulated,
  such as in the charter, and how well the
  audit committee and management
  understand those responsibilities;
• The audit committee’s interactions and
  involvement with the independent and
  internal auditor; and
• Whether the audit committee raises and
  pursues with management and the
  independent auditor the appropriate
  questions, including questions that indicate
  an understanding of the critical accounting
  policies and judgmental accounting
  estimates.                                   253
                  Computer Forensics
“Today’s Sergeant Joe Friday does not write in a small
notebook in the course of solving crimes; he now
reconstructs the data from imaging hard drives.”

          Joe Anastasi, The New Forensics, John Wiley & Sons, 2003.
“Corporate criminals don’t always tell the truth.
Their computers usually do.”
          Thomas Talleur, KPMG

• “The need for computer forensics has dramatically
  increased. This represents the use of computer
  science principles and investigative techniques to
  obtain digital evidence from computer systems that
  is admissible in a court of law,” says Bruce
• Statistics indicate that 92 percent of new data is
  created electronically and that 70 percent of this data
  never migrates to paper. When investigators ignore
  electronics evidence, it’s analogous to only
  reviewing three out of 10 boxes containing
  potentially relevant and discoverable information.
S. Kahan, “Sherlock Holmes Enters Accounting,” WebCPA, February,
   Data Mining Found WorldCom Mess

Auditors should perform all of the
analytics themselves, and they must be
educated in fraud detection and
introduced to data mining techniques.
When the concept of data mining is
brought up, audit managers cringe and
argue that they cannot afford to employ

However, while there is data mining
software that requires a statistician’s
level of expertise (such as IBM’s
Intelligent Miner), there also are
products, such as WizSoft Inc., that can
be employed by most auditors who are
acquainted with the fundamentals of
Microsoft Office and who are curious as
to why they obtained their audit results.

Source: Bob Denker, “Data Mining and the Auditor’s Responsibility,”
Information Systems Audit and Control Association InfoBytes.
      Technology Knowledge Important
   Ruby Sharma, at E&Y, says that computer forensic services,
    as well as electronic discovery and forensic data analysis, are
    provided by its legal technology services practice, which
    currently consists of 52 professionals, around one-fourth of
    whom are primarily devoted to computer forensics and
    closely related disciplines.
    These computer forensics professionals provide a range of
    services to clients beyond the traditional identification,
    preservation and extraction of electronic evidence from
    digital media, she says. They also provide forensic
    investigations and analysis of digital media to determine the
    circumstances surrounding the creation, deletion or
    modification of specific documents; determine the
    provenance of documents; locate and recover evidence that
    has been either intentionally or unintentionally deleted; and
    determine timelines and event sequences of computer
    activity that may be of value to the investigation.

   Frank Piantidosi, at Deloitte, says that technology is the heart
    of most financial investigations, and electronic data drives
    the investigation. He says that this group provides
    repositories of all the data to the legal teams electronically,
    rather than through the antiquated system of boxes and
    boxes of hard copy files.
   We have developed technology solution that can quickly find
    and accumulate data from various sources anywhere in the
    world, then read the data files using software from India,
    then store the data using Australian technology for 5 to 10

S. Kahan, “Sherlock Holmes Enters Accounting,” WebCPA, February 11, 2007.   256
    Careful of E-mail and Text Messages

   Do not put anything in an e-mail or text
    message that you do not wish to see in the
    newspaper or on the Internet.

   14,000 flirty and sometimes sexually explicit
    text messages between married Detroit Mayor
    Kwame Kilpatrick and his top aide Christine
    Beatty reprinted in Detroit Free Press. Found
    on the city-issued pager of Beatty.

   Both denied under oath having a physical

    Using Technology to Gather
   Drill-down functionality
   Electronic imaging
   Benford’s law
   Digital Analysis Tests and Statistics
   Data warehousing/mining
   Inductive vs. deductive method

              Technology is Here

“Extensive knowledge and use of technology is
    an absolute necessity. The ability to go into an
    electronic image and download information,
    and to get information from systems that don’t
    talk to each other. All the accumulated
    information can then be reviewed for financial
                       Bert Lacativo, Southlake, Texas
“We use off-the-shelf software (IDEA) to import
     large databases, read different data files, set
     up queries, and compare database files such
     as addresses, telephone numbers, and Social
     Security numbers. This process will tell us, for
     example, if a purchase order was done on
     Saturday or Sunday when the company isn’t
              Cal Klausner, Bethesda, Md.

H.W. Wolosky, “Forensic Accounting to the Forefront,” Practical
    Accountant, February 2004, pp. 23-28

    Data Analysis vs. Data Mining Software
   ACL, IDEA, and SAS are data
    analysis (DA) software used to
    ensure the integrity of data, to
    program continuous monitoring, and
    to detect fraudulent transactions.
   DA requires a program to be set up
    and run against the data. The
    program is written by auditors (i. e.,
    humans) who may be prejudice in
    the routines that are executed.
   Data Mining finds patterns and
    subtle relationships in data.
   Wiz Rule (from WizSoft, Inc.) and
    IBM’s Intelligent Miner are data
    mining software.
Source: Irina Sered, “Software,”

      Wiz Rule Data Auditing Tool
   Based upon data mining.
   Performs complex analysis of data,
    finding errors, inconsistencies, and
    situations that require further
   WizRule reveals all the if-then rules,
    mathematical formula rules, and
    spelling irregularities.
   Divides situations deviating from the
    rules into data entry errors and
    suspicious errors.
   Can be used in auditing, fraud
    detection, data scrubbing, and due
    diligence reviews.
   Learning curve is short.
   Cost license is $1,395 and yearly
    maintenance fee is $279.

Source: Irina Sered, “Software,”
      Who Uses IDEA?

 External and Internal
 Forensic Accountants/
  Fraud Investigators
 Financial managers

 General and systems
 Educators

 Statisticians

 Information systems

          IDEA Benefits

• Sort           • Statistics
• Compare        • Find missing
• Manipulate       data
• Sample         • Analytics
• Extract data
                 • Convert test
• Mathemati-       files to data
  cal testing
• Exception
  reports        • Create
• Aging            summary

          Using Data Mining
   Match employee addresses
    against vendor addresses.
   Sort vendor list by size to
    determine the most highly paid
   Review the structure of vendor
   Uncover indications of ghost
    employees (e.g., N.O. Police
   Fraudulent expense reports (even
    amounts, $6).
   Repeated withdrawals of even
    amounts from petty cash.

          Computer Forensics
        “I need you to step away from your
computer please,” Lee Altschuler said.
Morgan Fay’s chief financial officer glanced up
from her computer screen. She regarded the
man standing at her office doorway for a
moment. “Excuse me?” Cindy Shalott asked.
“We’d like you to please conclude your
business for the day.” Lee Altschuler said. “I’d
appreciate it if you could complete whatever
you’re doing as quickly as you can. Please leave
your computer in the way that it is now. Don’t
turn it off.”
    The chief financial officer swung her desk
chair around.
   “Just move away from your computer
please,” Altschuler repeated.
   “Who are you?” Cindy Shalott asked.
Source: Joe Anastasi, The New Forensics, John Wiley & Sons, 2003, p. 91

                  Ink Analysis
   Martha Stewart was undone by a blue
    ballpoint pen.
   Stockbroker belatedly inserted a note to
    help cover up Ms. Stewart’s improper
    stock trading. Blue ballpoint ink used is
    different from ink elsewhere on the
    trading worksheet.
   Prosecutors used forensic ink analysis in
    Rite Aid case to show that certain
    documents were backdated (ink used to
    sign letter was not commercially available
    until 3 months after the letter was dated).
   Xerox laser printers now encode the serial
    number of each machine in tiny yellow
    dots in every printout, nestled within the
    printed words and margins. It tracks
    back to you like a license plate.
   Advice for fraudsters: use pencils.
Source: Mark Maremont, “In Corporate Crimes, Paper Trail
   Often Leads to Ink Analysts’ Door,” Wall Street J., July 1,
   2003, p. A-1.

        Deductive vs. Inductive
   Deductive: one goes from general to
    specific; fairly simple and economical.
   Inductive: one starts with specific
    experiences and then draws inferences.

Deductive Approach           Inductive Approach
Generic data mining          Custom data mining
Digital analysis             Analysis of all data
Discovery sampling
Generic software             Custom software
For smaller organizations    For larger organizations
Basic features               Sophisticated features
Easy to learn                Requires advanced skills
Relatively inexpensive       More expensive

Source: W.S. Albrecht and C.C. Albrecht, “Root Out
Financial Deception,” Journal of Accountancy (April 2002),
p. 33.
                    Benford’s Law
    Distribution of initial digits in natural numbers is not random
    Predictable patterns:

 0= -----                              12%                10.2%
 1= 30.1%                              11.4%              10.1%
 2= 17.6%                              10.9%              10.1%
 3= 12.5%                              10.4%              10.1%
 4= 9.7%                               10%                10%
 5= 7.9%                               9.7%               10%
 6= 6.7%                               9.3%               9.9%
 7= 5.8%                               9%                 9.9%
 8= 5.1%                               8.8%               9.9%
 9= 4.6%                               8.5%               9.8%
There is software to detect potentially invented numbers in many situations.
    Compare actual frequency with Benford’s frequency.

                 Benford’s Law Uses
   Investments sales/purchases
   Check register.
   Sales history/Price history.
   401 contributions.
   Inventory unit costs.
   Expenses accounts.
   Wire transfer information.
   Life insurance policy values.
   Bad debt expenses.
   Asset/liability accounts.

Source: Richard Lanza, “Digital Analysis- Real World Example,”
   IT Audit, July 1, 1999,pp. 1-9.

        Some Uses of Picalo

   Analyzing financial data, employee
    records, and purchasing systems for
    errors and fraud
   Importing Excel, XML, EBCDIC, CSV, and
    TSV files into databases
   Interactively analyzing network events,
    web server logs, and system login
   Importing email into relational or text-
    based databases
   Embedding controls and fraud testing
    routines into production systems

     Picalo Architecture

   Detectlets allow non-programmers to run
    analysis routines created by others   .
         When Benford Analysis Is or Is Not Likely
  When Benford Analysis is Likely Useful                            Examples
Sets of numbers that result from                       Accounts receivable (number
mathematical combination of numbers-                   sold times price). Accounts
Result comes from two distributions.                   payable (number bought
                                                       times price).
Transaction-level data – No need to sample.            Disbursements, sales,
On large data sets – The more observations,            Full year’s transactions.
the better.
Accounts that appear to conform – When                 Most sets of accounting
the mean of a set of numbers is greater than           numbers.
the median and the skewness is positive.
When Benford Analysis Is Not Likely                                 Examples
Data set is comprised of assigned numbers              Check numbers, invoice
                                                       numbers, zip codes.
Numbers that are influenced by human                   Prices set at psychological
thought.                                               thresholds ($1.99), ATM
Accounts with a large number of firm-                  An account specifically set up
specific numbers.                                      to record $100 refunds.
Accounts with a built in minimum or                    Set of assets that must meet a
maximum.                                               threshold to be recorded.
Where no transaction is recorded.                      Thefts, kickbacks, contract

Source: Durtschi, Hillison, and Pacini, “The Effective Use of Benford’s Law to Assist in
Detecting Fraud in Accounting Data,” J. of Forensic Accounting, Vol. V, 2004, p. 24.
Market Segment Specialization

The Market Segment Specialization
Program focuses on developing highly
trained examiners for a particular market
segment. An integral part of the approach
used is the development and publication
of Audit Technique Guides.

These Guides contain examination
techniques, common and unique industry
issues, business practices, industry
terminology, and other information to
assist examiners in performing
examinations. A forensic accountant can
use this resource to learn about a
particular industry.
       Acquisition/Payment Cycle
From 62 standard audit procedures, external and
internal auditors judged these 20 procedures to be
more efficient is detecting fraud in the acquisition and
payment cycle (in descending order).
• Examine bank reconciliation and observe whether
they are prepared monthly by an employee who is
independent of recording cash disbursement or
custody of cash.
• Examine the supporting documentation such as
vendor’s invoices, purchase orders, and receiving
reports before signing of checks by an authorized
• Examine the purchase requisitions, purchase orders,
receiving reports, and vendors’ invoices which are
attached to the vouchers for existence, propriety,
reasonableness and authenticity.
•Examine internal controls to verify the cash
disbursement are recorded for goods actually rendered
to the company.
•Discuss with personnel and observe the segregation
of duties between accounts payable and custody of
signed checks for adequacy.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205                   274
          Acquisition/Payment Cycle (Contd.)
• Confirm inventories in public warehouse and on
•Examine internal controls to insure the vendor’s
invoices, purchase orders, and receiving reports are
matched and approved for payment.
• Examine internal controls for the following
documents: vendor’s invoices, receiving reports,
purchase orders, and receiving reports.
• Trace a sample of acquisitions transactions by
comparing the recorded transactions in the purchase
journal with the vendor’s invoices, purchase
requisitions, purchase orders, and receiving reports.
• Establish whether any unrecorded vendors’ invoices
or unrecorded checks exist.
• Examine the internal control to verify the proper
approvals of purchase requisitions and purchase
• Reconciled recorded cash disbursement with
disbursements on bank statements.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205                   275
        Acquisition/Payment Cycle
• Discover related party transactions.
• Examine the internal control to verify the approvals
of payments on supporting documents at the time that
checks are signed.
• Discuss with personnel and observe the procedures
of examining the supporting documentation before the
signing of checks by an authorized person.
• Examine canceled checks for authorized signatures,
proper endorsements, and cancellation by the bank.
• Account for the numerical sequence of pre-
numbered documents (purchase orders, checks,
receiving reports, and vouchers).
• Trace a sample of cash payment transactions.
• Trace resolution of major discrepancy reports.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 204-205
             Sales/Collection Cycle
These 10 standard audit procedures were judged as
being more effective for detecting fraud in the sales
and collection cycle (in descending order)
• Observe the proper and appropriate segregation of
• Review monthly bank reconciliation and observe
independent reconciliation of bank accounts.
• Investigate the difference between accounts
receivable confirmation and customer account
receivable balances in the subsidiary ledger and
describe all these exceptions, errors, irregularities, and
• Review sales journal, general ledger, cash receipts
journal, accounts receivable subsidiary ledger, and
accounts receivable trial balance for large or unusual
• Verify accounts receivable balance by mailing
positive confirmations.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the Fraud
Detection Effectiveness of Standard Audit Procedures,” Journal of Forensic
Accounting, Vol. 4, 2003, p. 209                                           277
          Sales/Collection Cycle (Contd.)

• Examine internal controls to verify that each
cash receipts and credit sales transactions are
properly recorded in the accounts receivable
subsidiary ledger.
• Examine subsequent cash receipts and the
credit file on all accounts over 120 days and
evaluate whether the receivable are collectible.
• Compare dates of deposits with dates in the
cash receipts journal and the prelisting cash
• Examine copies of invoices for supporting the
bills of lading and customers’ orders.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,”
Journal of Forensic Accounting, Vol. 4, 2003, p. 209
      Inventory/Warehouse Cycle
          These 14 standard audit procedures were
judged by external and internal auditors as being more
effective for detecting fraud in the inventory and
warehousing cycle (in descending order):
• Discover related party transactions.
• Follow up exceptions to make sure they are resolved.
• Review major adjustments for propriety.
• Review inventory count procedures: a. Accounting for
items in transit (in and out); b. Comparison of counts with
inventory records; and c. Reconciliation of difference
between counts and inventory records.
• Review adequacy of physical security for the entire
• Confirm inventories in public warehouse.
• Review procedures for receiving, inspecting, and storing
incoming items and for shipments out of the warehouses.
Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 206-207

  Inventory/Warehouse Cycle (Contd.)
• Trace shipments to sales records, inventory records,
and bill of lading (shipping documents).
• Determine if access to inventory area is limited to
approval personnel.
• Observe the physical count of all location.
• Recount a sample of client’s counts to make sure the
recorded counts are accurate on the tags (also check
descriptions and unit of count, such as dozen or gross)
• Trace inventory listed in the schedule to inventory
tags and the auditor’s recorded counts for existence,
descriptions, and quantity.
• Trace shipments to sales journal.
• Perform compilation tests to insure that inventory
listing schedules agrees with the physical inventory

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 206-207.
          Payroll/Personnel Cycle
These 12 standard audit procedures were judged the
more effective for detecting fraud in the payroll and
personnel cycle (in descending order):
• Sample terminated employees and confirm that they are
not included on subsequent payrolls and confirm propriety
of termination payments.
• Observe the actual distribution of payroll checks to the
• Observe the duties of employees being performed to
insure that separation of duties between personnel,
timekeeping, journalizing payroll transactions, posting
payroll transactions, and payroll disbursement exists.
• Examine internal controls to verify that hiring, pay rates,
payroll deductions, and terminations are authorized by the
personnel department.
• Sample personnel files and physically observe the
presence of personnel in the work place.

Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 208.
        Payroll/Personnel Cycle (Contd.)
• Examine internal control over payroll records
to verify that payroll transactions are properly
• Discover related party transactions.
• Review the files of new hires for appropriate
approvals, pay rates, and dates of accession.
• Review the payroll journal, general ledger, and
employee individual pay records for large or
unusual amounts.
• Examine internal controls to verify that
unclaimed payroll checks are secured in a vault
or safe with restricted access.
• Examine internal controls to verify that
employee time cards and job order work tickets
are reconciled.
•Glen D. Moyes and C. Richard Baker, “Auditors’ Beliefs About the
Fraud Detection Effectiveness of Standard Audit Procedures,” Journal
of Forensic Accounting, Vol. 4, 2003, p. 208.                     282
                  Class Discussion

     How can you defraud your
own organization, working either
from the inside or outside?


“Fraudsters … identify and exploit
weaknesses specific to the

Herling, D.J., and J. Turner, “Fraud: Effective Use of Legal Remedies for
Corruption,” 9th International Anti-Corruption Conference, October 13, 1999.
PowerPoint presentation slide 56. http://

1.   You receive a tip on the company’s hot line that
     there has been some fraud in the collections
     area. What five audit steps would you suggest
     using in order to find the fraud?
2.   During a brainstorming session, a suggestion is
     made that the most likelihood of fraud in a
     particular division is in the area of acquisition
     and payment cycle. Outline five audit steps to
     help find any potential fraud.
3.   While auditing a company you notice an
     employee in payroll who is living beyond his
     means (e.g., clothes, automobiles, housing). His
     wife does not work. Suggest six audit steps to
     help satisfy you there is no fraud in the payroll
     and personnel cycle.
4.   An anonymous e-mail is sent to an internal
     auditor that there is fraud in the inventory/
     warehousing cycle. Suggest some appropriate
     audit steps.
5.   What is meant by the hockey stick pattern?

Characteristics of Less Complex
       IT Environments
   Transaction processing. Data inputs can
    be readily compared or reconciled to system
    outputs. Management tends to rely primarily
    on manual controls over transaction
   Software. The company typically uses off-
    the-shelf packaged software without
    modification. The packaged software
    requires relatively little user configuration to
   Systems configurations. Computer
    systems tend to be centralized in a single
    location, and there are a limited number of
    interfaces into the system.
   End-user computing. The company is
    relatively more dependent on spreadsheets
    and other user-developed applications,
    which are used to process, accumulate,
    summarize, and report the results of
    business operations, and perform
    straightforward calculations using relatively
    simple formulas.
Source: PCAOB, October 17, 2007, pp. 26.
         Evaluating Management’s
    Whether management recognizes situations for which
     additional expertise is needed to adequately identify and
     address risks of misstatement.
    How management determines that the outside
     professionals possess the necessary qualifications.
    Whom management designates to oversee the services and
     whether they possess the suitable skill, knowledge, or
     experience to sufficiently oversee the outside professionals
     (Note: Management is not required to possess the
     expertise to perform or re-perform the services).
    Whether management has established controls over the
     work of the outside accounting professional (e.g., controls
     over the exchange of information and controls to test their
     work) and over the completeness and accuracy of the
     information provided to the outside professional.
    How management participates in matters involving
     judgment, for example, whether management understands
     and makes significant assumptions and judgments
     underlying accounting calculations prepared by an outside
    How management evaluates the adequacy and the results
     of the services performed, including the form and content
     of the outside accounting professional's findings, and
     accepts responsibility for the results of the services.
    Source: PCAOB, October 17, 2007, pp. 36.
Pervasive Control Deficiencies
   Ineffective control environment (considering
    the risk profile of the company). An
    ineffective control environment can increase
    the risk associated with a control. Also,
    certain controls in the control environment,
    such as maintaining financial reporting
    competencies, might be necessary for the
    effective functioning of other controls.
   Ineffective IT controls or information
    systems. For example, ineffective
    information systems could impair the
    effectiveness of certain IT-dependent
   Pervasive lack of segregation of duties
    without appropriate alternative controls.
    When a person performs two or more
    incompatible duties, the effectiveness of
    some controls might be impaired without
    appropriate alternative controls.
   Frequent management override of controls.
    A control that is frequently overridden is less
    likely to operate effectively.
Source: PCAOB, October 17, 2007, pp. 46.
Market Segment Specialization

The Market Segment Specialization
Program focuses on developing highly
trained examiners for a particular market
segment. An integral part of the approach
used is the development and publication
of Audit Technique Guides.

These Guides contain examination
techniques, common and unique industry
issues, business practices, industry
terminology, and other information to
assist examiners in performing
examinations. A forensic accountant can
use this resource to learn about a
particular industry.
       Rest Of The Story:
 Fraudsters Should Be Prosecuted
Although large frauds may be reported to
law enforcement agencies, smaller frauds
are often not reported.

This failure to report fraud incidents and the
reluctance of police to aggressively tackle
the issue only empowers the fraudsters and
diminishes the victims. Ultimately, these
unreported incidents are precursors to
larger and larger acts of violence. If we do
not deal with simple crimes, we will
eventually have to deal with homicide.

Source: Stephen Doherty, “How Can Workplace
Violence Be Deterred,” Security Management, April
2002, p. 134.

     Use IRS Form 1099 Threat

 For fraudsters and embezzlers,
use the threat of filling a Form 1099
for amounts stolen.
 Ask for an installment payback.

 If they stop payment, report them
to the IRS on a Form 1099.

KPMG provides 10 steps to follow when an
  organization finds or suspects fraud:

1.   Shut the door! Keep assets secure until
     you can provide appropriate long-term
2.   Safeguard the evidence. Ensure that all
     records and documents necessary for
     an investigation remain intact and are
     not altered by you or anyone else.
3.   Notify your insurer. Failure to notify
     may negate your coverage.
4.   Call a professional. Do not confront or
     terminate the employment of a
     suspected perpetrator without first
     consulting your legal advisor.
5.   Prioritize your objectives. What’s most
     important: punishment, loss recovery,
     prevention, detection of future
KPMG’s 10 steps to follow contd..

6.    Consider prosecution. Before you make
      the call, weigh the plusses and
      minuses and determine if your
      insurance company requires
7.    Terminate business relations. If the
      fraud is external, business relations
      with the suspect individual or
      organization should be terminated.
8.    Seek advice and assistance. An
      important consideration is whether you
      have the knowledge and resources
      necessary to effectively manage the
9.    Prepare a witness list. It is important
      that statements be taken before a
      “party line” can develop.
10.   Consider the message. Whatever you
      do will affect future situations. Now
      may be the time to change the way
      your business operates.                 292
      Catch Me If You Can
Punishment for fraud and recovery of
stolen funds are so rare, prevention
is the only viable course of action.
             Frank W. Abagnale

30 years ago Abagnale cashed $2.5
million in fraudulent checks in every
state and 26 foreign countries. Was
later associated with the FBI for 25

           Over-all Fraud Plan
  Background checks
 Avoid Nepotism
 Signed Conditions of Employment Agreement
 Non-compete Agreement
 Confidentiality of Information Agreement
 Bonding
 Two-signatures on checks/ wire transfers/
lines of credit
 Lockbox
 Positive pay
 Check security and restrictive endorsements
 Check stock (can not be scanned and it smears
 Close out cash registers at unpredictable times
 Back up computer files
 Accounting personnel can not cancel debt
 Have an internal audit
 CEO signs numbered check request form

E.J. McMillan, Policies and Procedures to Prevent Fraud &
Embezzlement, 2006, John Wiley.

Types of Misappropriations
   Embezzlement                 Inventory fraud
   Cash and check                    Stealing
    schemes                            inventory
        Larceny of cash              Short shipments
        Skimming                      with full prices
        Swapping checks         Fictitious
         for cash
        Check tampering
        Kiting
                                      Doctored sales
        Credit card refund
         and cancellation             Sham payments
         schemes                      Price
   Accounts receivable                manipulations:
    fraud                              land flipping,
        Lapping                       pump and dump,
        Fictitious
                                       and cyber-
         receivables                   smearing
        Borrowing against            Money
         accounts                      laundering
         receivable                   Bid rigging

   How Cash Is Misappropriated

                                       %    Median Loss
   Skimming                         18.9%      $76,000
   Cash larceny                     14.2%       73,000
   Billings                         28.3%      130,000
   Expense                          19.5%       25,000
   Check Tampering                  17.1%      120,000
   Payroll                          13.2%       50,000
   Wire transfers                    6.5%      500,000
   Register Disbursements            1.7%       26,000

 Source: 2006 Wells Report, ACFE.

                        Cash Wheel

Accounts Receivable                                     Adjusting Entries

Accounts Payable                                               Depreciation



Source: Fraud Auditing Small Businesses With The Wheel , James A. Goldstine
        Some Employee Schemes

   Embezzlement/skimming involves
    converting business receipts to
    one’s personal use and benefit, by
    such techniques as cash register
    thefts, understated/unrecorded
    sales, theft of incoming checks etc.

     Some Skimming Schemes (off-book)

   Unrecorded sales.
   Theft of incoming checks.
   Swapping checks for cash.

Auditing Suggestions
 Compare receipts with deposits.
 Surprise cash count.
 Investigate customers complaints.
 Gross profit analysis (also for money
 Check for reversing transactions, altered
  cash counts, and register tapes that are
 Camera surveillance.

          Preventive Measures
   Segregation of duties, mandatory
    vacations, and rotation of duties
    help prevent cash larceny.
   Review and analyze each journal
    entry to the cash account.
   Two windows at drive-through
   Signs: Free meal if no receipt.
   Blank checks and the automatic
    check signing machine should be
    kept in a safe place from
   Pre-numbered checks should be
    logged and restricted to one
    responsible employee. Require two
    signatures on cashier checks.
Processing Checks Best Procedure

Step 1. The invoice is approved for payment.
Step 2. A check request form is completed.
Step 3. The CEO approves the check
Step 4. The check request is forwarded to
Step 5. Accounting processes the check.
Step 6. The CEO signs the check.
Step 7. A second designated employee (who
          does not approve the payment and is
   not in the accounting department)
   should cosign the check. Therefore, 4
   people involved.

E.J. McMillan, Policies & Procedures to Prevent Fraud & Embezzlement,
     John Wiley, 2006, p.44.

    Processing Checks Best Procedure

   Invoice is approved for payment.
   Check request form is prepared.
   The CEO approves/ signs the numbered
    check request form.
   Check request form is forwarded to
   Accounting processes the check.
   The check is signed by two authorized
   The check is mailed.
   The bank statements are sent to the CEO’s
    home (or P.O. box) for review.
   The CEO forwards the reviewed bank
    statements to accounting for reconciliation.

E.J. McMillan, Policies & Procedures to Prevent Fraud &
     Embezzlement, John Wiley, 2006, p.45.

Some Employee Schemes (contd .)
Kiting: building up balances in bank
  accounts based upon floating
  checks drawn against similar
  accounts in other banks. Wire
  transferring makes kiting easier.
Auditing Suggestions
 Look for frequent deposits and
  checks in the same amount.
 Large deposits on Fridays.

 Short time lag between
 Bank reconciliation audit [cut-off
  bank statement].
Some Employee Schemes (contd …)

Cut-off Bank Statement
 Shorter period of time (10-20
 Bank statement sent directly to
  fraud auditors.
 Compare the cancelled checks,
  etc. with the cut-off bank
 Helpful for finding kiting and

        Cash Schemes
Other Cash Schemes
 Theft of checks (bottom or middle
  of checks).
 Checks may be intercepted or
  payee altered (washing checks).
 Forged endorsements
  (disappearing ink).
 Stolen credit cards.

 Refund schemes.

 Kickback schemes.

             Refund Schemes
   A television station’s former
    accounting director pleaded guilty
    to stealing more $1.8 million from
    her employees and spending it on
    jewelry, paintings, and fur coats.
   She would overpay the station’s
    travel bills and divert the refunds
    to her own credit card bills and
    personal accounts.
   She was sentenced to 7 ½ years
    in prison on a single count of theft
    from CBS affiliate WBBM – TV

Source: AP, “Ex-Accountant at CBS Affiliate Sentenced,” Las
   Vegas Sun, November 5, 2003.                               306
    Accounts Receivable Schemes

 Lapping.
 Fictitious receivables [for a
  fictitious sale], which is later
  written off.
 Borrowing against receivables
  (use receivable as collateral).
 Improper posting of credits
  against receivables.


   Recording of payment on a customer’s
    account some time after receipt of
    payment. Later covered with receipt
    from another customer (robbing Peter to
    pay Paul).
   Lapping is more successful where one
    employee has both custody of cash and
    record keeping responsibility.

  Warning Signs of Lapping

• Increase in complaints.
• Excessive billing errors.
• Delays in posting customer
• Trend of decreasing accounts
  receivable payments.
• Accounts receivable details do
  not agree with the general

          Lapping (cont.)

Audit Steps
 Independently verifying
  customers who do not pay.
 Reviewing write-offs.

 Reviewing customers’
   Compare the checks on a sample
    of deposit slips to the details of
    the customers’ credits that are
    listed on the day’s posting to the
    customer’s account receivables.
   Closely monitor aging accounts.
         How Non-Cash Assets are
         Misappropriated – 2006

Category                            %   Median Loss
Inventory                   16.6%          $55,000
Information                  3.6%           78,000
Securities                   1.5%        1,850,000

 Source: 2006 Wells Report, ACFE.

Inventory Fraud
 Stealing inventory/supplies for personal use or
   for sale at flea markets/garage sales.
 Kickback schemes (vendor/supplier and an
   employee). Sale of unreported inventory at
   inflated prices.
Audit Steps for Inventory Fraud
 Use renumbered inventory tags matched to
   count sheets; use count procedures for work-
   in-progress items; separate duties between
   purchasing and logging receipts of shipments
 Check for same vendors.

 Prices higher than other vendors.

 Purchasing agent does not take vacation.

 Only photocopies of invoices are available.

 Aging of inventory.

 Inventory turnover

 There is data-mining software.

      Stealing Diamond Inventory

   Farrah Daly was charged with
    stealing at least 39 diamonds (1
    to 3 carats), one at a time over
    several years from a diamond
    sorting area.
   She and her husband allegedly
    had friends and others sell the
    approximately $500,000 worth of
    diamonds at pawn shops and
    jewelry stores.

Source: AP, “Ohio Woman Accused of Stealing
   Diamonds,” Las Vegas Sun, November 10, 2003.   313
     Accounts Payable Fraud Red Flags
1.    Duplicate payments (2% of total purchases)
      $80 million times 2% = $1.6 million loss.
     Extract only the numerical digits of an invoice
      number and match on only the numbers portion of
      the invoice.
     Try identifying the dates that are similar such as
      dates that are less than 14 days.
     Try matching on the absolute value of the amount.

2.    Rounded-amount invoices.

3.    Invoices just below approval amounts.

4.    Abnormal invoice volume activity (two invoices one
      month and 60 the next).

5.    Vendors with sequential invoice numbers.
      LC 0002, LC 0003, LC 0004

6.    Above average payments per vendor.

C. Warner and B. G. Dubinsky, “Uncovering Accounts Payable
      Fraud,” Fraud Magazine, July/ August 2006, pp. 29-51.

    Look For Fraud Symptoms

Source Documents.
Journal Entries.

Accounting Ledgers.

    Source Documents

 Checks.
 Employee time cards.

 Sales invoices.

 Shipping documents.

 Expense invoices.

 Purchase documents.

 Credit card receipts.

 Register tapes.

Source Documents Fraud Symptoms

Photocopies   of missing documents.
Counterfeit/false documents.

Excessive voids/credits.

Second endorsements.

Duplicate payments.

Large numbers of reconciling items.

Older items on bank reconciliations.

Ghost employees.

Lost register tapes.

Lots of round numbers.

Too many beginning 9’s.

 Journal Entries Fraud Symptoms


Lacking  supporting documents.
Unexplained adjustments.

Unusual/numerous entries at end
 of period.
Written entries in computer
Many round numbers.

Too many beginning 9’s.

Controls Over Journal Entries
    Controls that prevent or detect unauthorized
     journal entries can reduce the opportunity
     for the quarterly and annual financial
     statements to be intentionally misstated.
     Such controls might include, among other
     things, restricting access to the general
     ledger system, requiring dual
     authorizations for manual entries, or
     performing periodic reviews of journal
     entries to identify unauthorized entries.
    As part of obtaining an understanding of the
     financial reporting process, the auditor
     should consider how journal entries are
     recorded in the general ledger and whether
     the company has controls that would either
     prevent unauthorized journal entries from
     being made to the general ledger or directly
     to the financial statements or detect
     unauthorized entries. Tests of controls over
     journal entries could be performed in
     connection with the testing of journal entries
     required by AU sec. 316.
    Source: PCAOB, p. 21.
                        Unusual Entries
Officer Loan                $40,000
      Cash                                       $40,000

Officers Salary             $40,000
      Officer Loan                               $40,000

Staff Salaries              $40,000
  Officers Salary                                $40,000


Cost of Goods Sold          $35,000
      Inventory                                  $35,000

               [No related sales transaction]


Allowance of Bad Debts $32,000
     Account Receivables                         $32,000


Expense accounts where no department or person has control
 General maintenance account
 General transportation account
 Stationary/ general office supplies
 Scrap disposal accounts
 Suspense and cash sweep accounts
 Deferred asset or liability
 Contra-accounts (bad debt reserve, accumulated depreciation)
 Intercompany accounts
 Accounts over which a sole, domineering, incompetent, or frequently absent
  individual has control.
      Ledger Fraud Symptoms

   Underlying assets disagree.
   Subsidiary ledger different than
    general ledger.
   Investigate and reconcile
    differences between control
    accounts and supporting ledger.
    Difference may be concealed

     Which of these statements are false?

a.   A high degree of competition accompanied by
     declining margins would be an example of an
     opportunity for fraudulent financial reporting.
b.   Personal guarantees of debt of a company that
     are significant to one’s personal net worth is an
     example of a pressure/incentive for fraudulent
     financial reporting.
c.   A heavy concentration of one’s wealth in a
     particular company would be an example of a
     rationalization condition for fraudulent financial
d.   An excessive interest by management in
     maintaining a company’s stock price is an
     example of rationalization for fraudulent financial
e.   Anticipated future layoff would be an example of
     an incentive to misappropriate assets.
f.   A large amount of cash on hand would be an
     example of a rationalization to misappropriate
g.   Inadequate internal controls is an example of an
     opportunity to misappropriate assets.

     Which of these statements are false?
a.    A high degree of competition accompanied by
      declining margins would be an example of an
      opportunity for fraudulent financial reporting. F
b.    Personal guarantees of debt of a company that
      are significant to one’s personal net worth is an
      example of a pressure/incentive for fraudulent
      financial reporting. T
c.    A heavy concentration of one’s wealth in a
      particular company would be an example of a
      rationalization condition for fraudulent financial
      reporting. F (I/P)
d.    An excessive interest by management in
      maintaining a company’s stock price is an
      example of rationalization for fraudulent financial
      reporting. T
e.    Anticipated future layoff would be an example of
      an incentive to misappropriate assets. T
f.    A large amount of cash on hand would be an
      example of a rationalization to misappropriate
      assets. F (O)
g.    Inadequate internal controls is an example of an
      opportunity to misappropriate assets. T

Payroll Schemes
 Ghost Employee: A person on the
  payroll who does not work for that
 False Workers’ Compensation
  claims: Fake injury to collect
  disability payments.
 Commission schemes: Falsify
  amount of sales or the
  commission rate.
 Falsify hours and salary:
  Exaggerate the time one works or
  adjusts own salary.
                    Stop Ghost Employees
   Ensure that the payroll preparation, disbursement and
    distribution functions are segregated.
   Look for paychecks without deductions for taxes or
    Social Security. Completely fictitious employees
    frequently don’t have any.
   Examine payroll checks that have dual endorsements.
    Although most of them are legitimate, two signatures
    could signal the forgery of a departed employee’s
    endorsement, which the thief also endorses and
    deposits into his or her own account.
   Use direct deposits. This method, although not
    foolproof, can cut down on payroll chicanery by
    eliminating paper paychecks and the possibility of
    alteration, forgery and most theft, although it doesn’t
    prevent misdirection of deposits into unauthorized
   Check payroll records for the presence of duplicate
    names, addresses and Social Security numbers.
   On occasion, hand-deliver paychecks to employees and
    require positive identification. If you have leftover
    paychecks, make sure they belong to actual employees,
    not ghosts.
   Be wary of budget variations in payroll expense. Higher-
    than-budgeted labor costs can indicate ghost

Source: J. T. Wells, “Keep Ghosts Off The Payroll,” Journal of Accountancy,
    December 2002.

  Some Employee Schemes (contd …)

Fictitious Disbursements
 Multiple payments to same payee.
 Multiple payees for the same product or
 Inflated invoices.
 Shell companies and/or fictitious
 Bogus claims (e.g., health care fraud and
   insurance claims).
 Overstate refunds or bogus refunds at
   cash register.
 Many fictitious expense schemes (e.g.,
   meals, mileage, sharing taxi, claiming
   business expenses never taken).
 Duplicate reimbursements.
 Overpayment of wages.

   Some Employee Schemes (contd …)

Other Fraud Schemes
 Stealing inventory/scrap.

 Stealing property.

 Theft of proprietary assets.

 Personal use of assets.

 Shoplifting.

 False down grading of products.

 A land flip involves a situation where a
   company decides to purchase land for a
   project. A person or group will find the land and
   buy it under a front name or company. The
   fraudster then increases the price of the land
   before selling it to the company.
 Money laundering is the use of techniques to
   take money that comes from one source, hide
   that source, and make the funds available in
   another setting so that the funds can be used
   without incurring legal restrictions or penalties.

           Forensic Auditing Steps

     Count the Petty Cash Twice in a
     Investigate Suppliers (Vendors)
     Investigate Customers’ Complaints
     Examine Endorsements on
      Canceled Checks
     Add Up the Accounts Receivable
     Audit General Journal Entries
     Match Payroll to Life and Medical
      Insurance Deductions

Source: Jack C. Robertson, Fraud Examination for Managers
and Auditors, Austin, TX: Viesca Books, 2000, pp. 213-216.
    Forensic Auditing Steps (contd …)

       Match Payroll to Social Security
       Match Payroll with Addresses
       Retrieve Customer’s Checks
       Use Marked Coins and Currency
       Measure Deposit Lag Time
       Document Examination
       Inquiry, Ask Questions
       Covert Surveillance

Source: Jack C. Robertson, Fraud Examination for Managers
and Auditors, Austin, TX: Viesca Books, 2000, pp. 213-216.
                   Vendor Allowances
• In exchange for better shelf space or advertisement
mentioning its products, a merchandise vendor will
pay stores an extra fee--an allowance often based
upon the amount of products sold.
• Employees at OfficeMax “fabricated supporting
documents for approximately 3.3 million in claims
billed to a vendor to its retail business.” Six
employees were fired, and CEO Christopher Milliken
• The SEC sued three former executives in December
2004 at Kmart Holding Corp. for their role in a $24
million accounting fraud that booked these allowances
•The SEC settled a case in October 2004 with Ahold
NV involving allegations of fraudulent inflation of
promotional allowances at U.S. Foodservice, Inc. unit.

Source: David Armstrong, “OfficeMax Results To Be Restated; CEO Steps
Down,” WSJ, February 15, 2005, p. A-3.                                  330
            Potpourri of Bribes

   Vernon Jackson admitted to bribery of Rep. William
    Jefferson, D-LA. More than $400,000 to one million
    paid to a company controlled by the congressman’s
    wife in exchange for help promoting iGate. Gave 24%
    stake in iGate and paid $80,000 in travel expenses to
    Africa. [$90,000 found in Jefferson’s freezer.]

   Two prominent Baton Rouge restaurateurs and four
    other businessmen accused of bribing a parish tax
    auditor and an undercover FBI agent with cash,
    diamonds, trips, whiskey and women to avoid paying
    taxes on $10 million, face federal charges.

    An indictment alleges Laymon offered an undercover
    FBI agent posing as an East Baton Rouge Parish
    auditor $800, a weekend trip to Costa Rica and two
    prostitutes a day if he concluded that Arzi’s didn’t owe
    any sales tax. BR Advocate (12-17-06).

          Potpourri of Bribes

   A Greek prosecutor is investigating claims that
    Siemens Greece paid up to $550 million in bribes to
    officials at the defense and interior ministries in order
    to win a security contract for the 2004 Olympic games
    in Athens. A senior Siemens accountant said bribery
    was a common practice at Siemens.

   A Paris judge launched an investigation into
    allegations that Total, a French oil and gas group, paid
    bribes to win a $2 billion gas contract in Iran. The
    investigation stems from the discovery of $82 million
    in two Swiss bank accounts, allegedly by Total to an
    Iranian intermediary to help the French company
    consortium to win an Iranian contract.

   A report claims that AWB, the company responsible for
    selling Australia wheat, paid over $221 million to Alia,
    a Jordanian hauling company, ostensibly to distribute
    its wheat in Iraq. In fact, the money was going to the
    Iraq government.

          Potpourri of Bribes
   Armstrong Williams, an American columnist and
    television host, was paid $240,000 by the Dept. of
    Education to comment regularly on “No Child Left
    Behind,” an education-reform bill.
   Nineteen individuals indicated for receiving bribes and
    rigging bids for school window washing contracts.
   Congressman Randy Cunningham, R-Calif., resigned
    from Congress (2005), hours after pleading guilty to
    taking at least $2.4 million in bribes to help friends
    and campaign contributors win defense contracts.
    Prosecutors said he received cash, cars, rugs,
    antiques, furniture, yacht club dues, moving expenses,
    and vacations from four co-conspirators in exchange
    for aid in winning defense contracts.
   In January 2007, Peter Hartz was given a two year
    suspended prison sentence and fines for bribing the
    head of the labor union ($3.25 million) for secret
    bonuses and fake consultancy fees. Involved sex
    holidays and paying for prostitutes for labor officials.

         Potpourri of Bribes
   In the 1950s in the U.S., record companies would
    pay money for the broadcast of records on radio,
    called payola. Now outlawed.

   In England, police interviewed Prime Minister
    Tony Blair in February 2007, about allegations
    that honors, including seats in the House of Lords
    and Knighthoods, were given to individuals who
    loaned money to the Labour party ($9.8 million).

   Under Bill Clinton, Democratic National
    Committee donors were allowed to spend the
    night in the Lincoln bedroom for a contribution of
    $150,000 (e.g., Chairman of Occidental
    Petroleum). Then in 1997, Clinton made an
    exception so that OP could pursue a venture in

   A lawsuit in February 2007, alleged that Intel
    provided secret kickbacks to Dell in order to
    ensure it remained the computer makers sole
    microprocessor supplier.

 Bribes/ Kickbacks Scenario

Something of Value     Later Influence an Official Act
Cash                   Awarding Selection
Gifts                  Higher Prices
Trips                  Excessive Quantity
Entertainment          Accepting Lower Quality
Drugs                  No, Delayed, or Short Delivery
Sexual favors
Credit cards
Spouse’s high salary
Discounts (e.g.,

•Prove the corrupting influence
circumstantially through factors on the right,
or outsider received more and more business as
the insider gets more and more value.
•Use indirect methods on employee.
      Some Bribery Red Flags
     Lack of standard invoices.
     Requests for fund to be routed to a foreign bank.
     Requests for checks made payable to “cash” or to
      “the bearer.”
     Commission substantially higher than going rate.
     Requests for a large line of credit from a customer.
     Insistence by a government official that a certain
      third-party agent or supplier be used.
     Lack of staff or facilities to actually perform the
     Request by a local agent for a rate increase in the
      middle of negotiations.
     Suggested need to utilize more than one local

Source: M. T. Biegelman and J. T. Bartow, Executive Roadmap
      to Fraud Prevention and Internal Controls, John Wiley,
      2006, pp. 325-326.

Duty to Cooperate

                              Audit Rights
1. Audits under clause 2 may be conducted of:

      a)      the Contractor's practices and procedures as they relate to the Contract, including security
      b)      the manner in which the Contractor performs its obligations under the Contract;
      c)      the compliance of the Contractor's invoices and reports with its obligations under the
      d)      the Contractor's compliance with all its obligations under the Contract;
      e)      the Contractor's compliance with its confidentiality, privacy, security and Commonwealth
              policy obligations under the Contract; and
      f)      any other matters determined by [Agency] to be relevant to the performance of the
              Contractor's obligations under the Contract.
2. Audits

      i.      The Contractor must participate in audits of the Contract at the frequency and in relation to
              the matters specified by [Agency], (including on an ad hoc basis if requested by [Agency]),
              for the purpose of ensuring that the Contract is being properly performed and administered.
              [Agency] may appoint an independent person to assist in the audits. Audits may consider all
              aspects of the Contractor's performance including but not limited to any performance
              indicators, benchmarks or targets.
      ii.     The Contractor must participate promptly and cooperatively in any audits conducted by
              [Agency] or its nominee.
      iii.    Except for those circumstances in which notice is not practicable or appropriate (eg. caused
              by a regulatory request with shorter notice or investigation of theft or breach of contract),
              and without limiting any other right, recourse or remedy of [Agency], must give the
              Contractor reasonable notice of an audit and where reasonably practicable an indication of
              which documents and/or class of documents the auditor may require.
      iv.     Subject to any express provisions in the Contract to the contrary each party must bear its
              own costs of any audits.
      v.      Subject to clauses 2.6 and 3.6, the requirement for, and participation in, audits does not in
              any way reduce the Contractor's responsibility to perform its obligations in accordance with
              the Contract.
      vi.     [Agency] must use reasonable endeavors to ensure that audits performed pursuant to clause
              2.1 do not unreasonably delay or disrupt in any material respect the Contractor's
              performance of its obligations under the Contract.
      vii.    [Any amendments to the Contract resulting from audits must be effected by agreement in
              writing between the parties in accordance with the Contract amendment provisions of the
      viii.   The Contractor must promptly take, at no additional cost to [Agency], corrective action to
              rectify any error, non-compliance or inaccuracy identified in any audit in the way the
              Contractor has under the Contract:
                     (a) supplied any goods or services; or
                     (b) calculated fees, or any other amounts or charges billed to [Agency].
     Purchasing Agent’s Kickback
       He or she doesn’t take time off.
       The purchasing agent has personal financial
       The agent’s lifestyle is too extravagant for his or
        her income.
       Close personal relationship between purchasing
        agent and vendor.
       Favoritism toward one vendor.
       Excessive purchases from one vendor.
       Prices charged are higher than market average.
       Expenditures come in just under the review limit.
       Multiple purchases over a short period.
       Substandard products or services.
       Accelerated payment of invoices.
       Sole-source purchases of merchandise or services.

Be sure different personnel handle the following duties:
vendor approval, purchase requisitions, purchase
approval, receiving, and payment (e.g., separation of

Source: J. T. Wells, “The Case of the Pilfering Purchasing Manager,”
        Journal of Accountancy, May, 2004.

    Red Flags for Phantom Vendors

      Invoices for unspecified consulting or
       other poorly defined services.
      Unfamiliar vendors.
      Vendors that have only a post-office-box
      Vendors with company names consisting
       only of initials. Many such companies are
       legitimate, but crooks commonly use this
       naming convention.
      Rapidly increasing purchases from one
      Vendor billings more than once a month.
      Vendor addresses that match employee
      Large billings broken into multiple smaller
       invoices, each of which is for an amount
       that will not attract attention.

Source: J. T. Wells, “Billing Schemes Part I: Shell Companies
      That Don’t Deliver,” Journal of Accountancy, July, 2002.

    More Phony Vendors Red Flags
       Ensure those involved in purchasing cannot
        approve vendors.
       Before approving a new vendor, evaluate its
        legitimacy by
       Obtaining its corporate records and other relevant
       Checking its credit rating.
       Confirming that it is listed in telephone directories.
       Contacting its references from clients and others.
       Being particularly cautious about a vendor with a
        post-office-box address or a name composed
        entirely of initials.
       Determining whether its business address
        matches any employee’s home address.

Once the company approves a new vendor, the CPA
      should closely monitor the account by

       Watching for increases in the amount or frequency
        of billings.
       Observing variances from budgets or projections.
       Comparing its prices with those charged by other
Source: J. T. Wells, “Billing Schemes Part I: Shell Companies That Don’t
        Deliver,” Journal of Accountancy, July, 2002.

    Some Forensic Accounting

   Chain of Custody.
   Questioned Documents.
   Continuous Controls.
   Timeline Analysis.
   Tracing Schedule.
   Link Analysis.
   Invigilation.
   Genogram.
   Proof of Cash.
   Entity Charts.
   Full - and False – Inclusion Tools.

          Chain of Custody
   Just as in the movies or on a
    television show such as CSI,
    forensic accountants must
    safeguard evidence through a
    financial chain of evidence.
   There must be a way to show that
    the evidence has not been
    tampered with or damaged.
   If documents are seized, the
    forensic accountant should put his
    or her initials and date of the
    seizure on the back of each
   Or put the document in a
    transparent envelope and write a
    description on the envelope.
   Store the original and work only with   343
    a copy.
              Enforcement Manual
Enforcement Manual
History and Custody of Documents                     U.S. Department of Labor
                                                      Pension and Welfare Benefits
                                                 Date _______________________________
Case Number________________________
Case Name __________________________
     22. How were the documents obtained?
 ____ By consent (note any significant comments of the principal or third party
      witness and any unusual circumstances which occurred)?
____ By legal process (describe).
2.    What is the relationship between the documents and the person submitting
     22. Were manual transcripts or facsimile copies made of any of the documents
      either in whole or in part?.
     ______ Yes ______No
     If Yes, list documents copies. Manner of reproduction
     22. Have all copies been compared with the original documents and identified?
      _____Yes _____No
     If No, why not?
      22. Were the original documents described herein under your control or
      supervision at all times prior to their return to the principal, third party witness, or
     _____Yes _____No
     If No, set forth circumstances of any transfer in control.
      22. Did the principal, third party witness, or a representative request access to
      the documents during your custody?
     ___ Yes ___ No
     If Yes, who requested access and what action was taken?

Signature ___________________
Title ________________________

                                                                                   PWBA 219
                                                                                  (May 1987)

                Continuous Monitoring
• Correlation is well suited to environments where there
  are (a) a large number of audit units (departments,
  divisions, franchisees, or customers, etc.), (b) a series of
  time-stamped revenues, expenses or loss amounts, and (c)
  the goal of developing a formal process to compare each
  audit unit against a valid benchmark.

• Correlation and time-series analysis are techniques that
  could be used by forensic accountants in a monitoring
  role to find evidence of intentional or unintentional errors
  in situations where there are many audit units.

• The techniques could be used to proactively search for
  errors without any preconceived belief as to their
  existence, magnitude, or pervasiveness, or where the
  forensic accountant seeks to provide additional evidence
  showing that such errors occurred after the errors were
  detected using some other detection method.

• If intentional errors were discovered using other methods
  of discovery, then the techniques could be used by the
  forensic accountant to show that the revenue or
  expenditure or loss streams of an audit unit differed
  significantly from a valid benchmark.
M. J. Nigrini, “Monitoring Techniques Available to the Forensic Accountant,” J. of Forensic
      Accounting, Vol. 7, 2006, pp. 321-344.
               Continuous Monitoring
• Management engages an independent outside supplier to
  install and manage software to continuously analyze
  every transaction within business applications to detect
  improper activities and anomalies that indicate errors,
  control overrides, and fraud [Oversight Systems].

• The software sorts incidents into errors, misuse, and
  fraud (a detective control).

• Suspicious transactions can be identified and categorized
  for future follow-up.

• Flag items such as manual income-increasing
  adjustments, adjustments made late in the year, large
  dollar amounts.

• Large companies with revenues over $1 billion.

• Over the course of a year monitoring each module (e.g.,
  A/P, Sales, G/L) is designed to cost approximately the
  amount the company would pay for one fulltime internal
  auditor per module.

• One company saved $2 million of external auditing fees
  for using C/M in the 404 area.
D. R. Hermanson, B. Moran, C. S. Rossie, and D. T. Wolfe, “Continuous Monitoring of Transactions to Reduce Fraud,
       Misuse, and Errors,” J. of Forensic Accounting, Vol. 7, 2006, pp. 17-30.
        Timeline Analysis
   Timeline analysis (TA) may be used
    to show the chronology of a dispute,
    and certain software tools can
    prepare trial exhibits.
   Investigative analysis software can
    show all detail from the beginning of
    the event until the apprehension of
    the target.
   TA helps forensic accountants
    communicate the timing of case
    related events and summarizes the
   Each link of the timeline chart
    includes a reference to a source or
    a direct link to a database. An
    insurance fraud scheme timeline
    from i2 Inc is shown in the next
    Table:                                  347
Insurance Fraud Scheme

        Tracing Schedule

   A tracing schedule can be
    used to show the flow of funds
    from bank-to-bank, from bank-
    to-entity, from entity-to-entity,
    or from person-to-person.

   A tracing schedule is helpful in
    money laundering cases.

                  Link Analysis
   Link analysis (LA) is a subset of
    network analysis which shows
    associations between people and
   For example, a link analysis could
    compare the mailing addresses of
    company executives and the cell
    phone numbers that they have
    dialed during a given time frame.
   LA provides crucial relationships
    between many objects of different
    types that are not apparent from
    isolated pieces of data.
   Table 5.1 is an example of LA with
    respect to the primary suspect,
    David Hoover.
Wikipedia, the free encyclopedia, Stuart Weiss,
    “Forensic Accounting Tools and Techniques,” The Value           350
    Examiner, January/ February, 2007, pp. 12-13.
Table 5.1 Link Analysis

   Invigilation is a rather expensive
    investigating technique that can be
    used in potential fraud situations to
    discover the fraud and can later be
    used in the courtroom.
   Here detailed records are kept
    before and after the invigilation
    period to determine the amount of
   During the invigilation period strict
    controls are imposed (e.g.,
    cameras) so that the fraud is
    virtually impossible.
   Or the invigilation period could be
    while the suspect is on vacation.

      Invigilation Technique

               Controls or
No controls     vacation     No controls

  14 days       14 days        14 days

$67,000 lost     $0 lost     $62,000 lost

   A genogram is a pictorial display of
    personal relationships among
    related or unrelated parties.
   There are software programs that
    are custom designed for
    genograms, such as GenoPro 2007
    ($49 at
   Simple symbols represent the
    gender (box for male and circle for
    female), with various lines to
    illustrate family relationships.
   People who are not related would
    not be connected with a line, but
    could be placed on the genogram.
   They can lead to determining the
    motive of a crime or provide
    evidence that the person had no
    direct involvement in the fraud.

              Proof of Cash

   The proof of cash procedure is similar to
    a bank reconciliation, except more
    detailed and extensive.
   This procedure can be used to verify that
    cash accounts on the books are in
    agreement with the cash transactions
    recorded by the bank.
   The Wyoming Department of Audit’s
    proof is shown as Table 5.2.

Table 5.2

                     Entity Charts
    Entity charts show entities and
     owners with the relationship between
    The charts can show how income and
     assets are diverted, particularly
     among seemingly unrelated parties
     and entities.
    Microsoft Excel drawing tools may be
     used to prepare entity charts.
    For example, an entity chart could
     show the creation date of off-shore
     bank accounts and the subsequent
     decrease in the target’s U.S. bank
    Or identification of other unrelated
     parties may suggest additional
     investigation is needed.
D. D. Dorrell and G. A. Gadawski, “Financial Forensics II,” May, 2005, Vol.
     3, No. 3, p. 50.
    Full – and – False Inclusion
   These tests are used to ascertain
    the proper universe of data under
    investigation, so that no
    appropriate data is excluded and
    no extraneous data is included.

   Full-and-false inclusion tests may
    be helpful for finding hidden

      Questioned Documents
Invoices and other documents may be
fake or altered when
 Font sizes or types are not consistent

 No address is shown for the vendor or
   customer; this situation is especially
   suspicious if a vendor has not identified an
   address to which a check can be sent.
 The document has no identifying numbers
   such as invoice number, purchase order
   number, or customer number.
 All invoice numbers – on invoices from
   vendors – are numbered sequentially, with no
   numbers skipped.
 No tax is shown for taxable items.

 No shipping or freight cost is shown for items
   that would have been shipped at the
   purchaser’s expense.
 Little or no detail is provided on the invoice or
T. W. Golden, S. L. Skalak, and M. M. Clayton, A Guide to Forensic Accounting
      Investigation, Hoboken, N.J.: John Wiley & Sons, 2006, pp. 156-157.

         A Stamp Perforation match

Paper shreds demonstrating different optical properties
         under ambient and specialized lighting

    Inks of different intensities used on the same
                                                                                       Exhibit 70A-1

                       Sample Engagement Letter 1—Litigation Services

                                          CPA & Company
                                           Anytown, USA

                                                                                  September 4, 200X

John A. Smith, Esq.
Smith, Smith & Jones
100 Courthouse Way
Anytown, USA

Dear Mr. Smith:

You have asked me to read and analyze certain documents relating to a lawsuit brought against
your client, XYZ Company. You have also asked that I be available to testify at the time of trial
should you decide to use me as an expert witness. Any written reports or other documents that I
prepare are to be used only for the purpose of this litigation and may not be published or used for
any other purpose without my written consent.

Irrespective of the outcome of this matter, I understand that you will compensate me at my
standard hourly rate (currently $___) for all time spent, including travel, whether or not the
engagement is completed or its results are used. You will also compensate me for any out-of-
pocket costs that I may incur. I will submit bills monthly, which are due and payable on receipt
and in all events prior to the commencement of my testimony.

[Optional sentence: Before commencing work on this engagement, I would like a retainer of $___
which will be applied to final billing on this engagement or refunded to the extent that it exceeds
such billing.]

Any controversy or claim arising out of or relating to this contract, or the breach thereof, shall be
settled by binding arbitration, in [insert desired venue], in accordance with the Commercial
Arbitration Rules of the American Arbitration Association, and judgment upon the award rendered
by the arbitrator may be entered in any court having jurisdiction thereof.

I look forward to assisting you in this matter and hope that my services will be beneficial. If you
approve of the engagement terms described above, I would appreciate your signing the enclosed
copy of this letter and returning it to me.

Sincerely yours,                                             Accepted:

John Jones, CPA                                              Name of attorney's firm
                                                                                      Exhibit 70A-2
                       Sample Engagement Letter 2—Litigation Services
                              [Optional additions are bracketed]

                                         CPA & Company
                                          Anytown, USA

                                                                                 September 4, 200X

John A. Smith, Esq.
Smith, Smith & Jones
100 Courthouse Way
Anytown, USA

Dear Mr. Smith:

The purpose of this letter is to summarize our understanding of the assistance that CPA &
Company will provide to you and your client, XYZ, Inc. in the matter of XYZ, Inc. v. ABC
Corporation et al. before the Superior Court of the State of California, County of Los Angeles,
which matter is Case. No. XXXXXX.

You have requested that we assist you with analysis and consultation with regard to the XYZ
litigation matter as you may direct. I would also be prepared to provide testimony at deposition
and trial should you decide that to be appropriate.

I will be responsible for the performance of our engagement with you and your client. My hourly
billing rate is $XXX. From time to time, if necessary, other professionals may also assist when
appropriate and needed. The hourly rates for our professionals are in the following ranges: Senior
managers and managers — $XXX to $XXX; senior accountants and senior consultants — $XXX
to $XXX; and consultants — $XXX to $XXX. [Our hourly rates are subject to change from time
to time. We will advise you immediately if the rates are being adjusted by our firm.]

Fees for our services are based upon the actual time expended on the engagement at the standard
hourly rates for the individuals assigned. In addition to our professional fees, we are reimbursed at
cost for any travel and out-of-pocket expenses. Bills are rendered and are payable monthly as
work progresses. [We reserve the right to defer rendering further services until payment is
received on past due invoices.]

[Our normal practice is to obtain a retainer, and we herewith request such a retainer in the amount
of $XX,XXX. This retainer is not intended to represent an estimate of the total cost of the work to
be performed. The retainer will be held against the final invoice for the engagement; any unused
retainer will be refunded.]

                                                                                        Exhibit 70A-2
                       Sample Engagement Letter 2—Litigation Services

We are certain that you recognize that it is difficult to estimate the amount of time that this
engagement may require. The time involved depends upon the extent and nature of available
information, as well as the developments that may occur as work progresses. It is our intention to
work closely with you to structure our work so that the appropriate personnel from our staff are
assigned to the various tasks in order to keep fees at a minimum.

[Furthermore, you, your client and I, all agree that any dispute over fees charged by our firm in
this engagement will be submitted for resolution by arbitration in accordance with the rules of the
American Arbitration Association. Such arbitration is limited only to the issue of fees charged and
shall be binding and final. In agreeing to arbitration, we each acknowledge that in the event of a
dispute over fees, each of us is giving up the right to have the dispute decided in a court of law
before a judge or jury and instead are accepting the use of arbitration for resolution.]

[You or your law firm or the court itself will advise us (with sufficient notice) of the work to be
performed by us and the requirement for appearance in court. If there is a substitution or change
in the association of attorneys involved in this litigation, we reserve the right to withdraw from this

If the arrangements described in this letter are acceptable to you and the services outlined are in
accordance with your requirements, please sign and return a copy of this letter. We look forward
to working with you in this matter. If I can provide you with any additional information, please do
not hesitate to call me at (555) 123-4567.

The proposed terms of this letter are subject to change if not accepted within 60 days of the date of
this letter.

Very truly yours,

(Name and Title)
CPA & Company

The services described in this letter are in accordance with our requirements and are acceptable to
me and my client.


John A. Smith, Esq.                                                          Date
Smith, Smith & Jones                                                                                  364
The End Is


To top