Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Understanding Key Concepts Surrounding Computer Fraud And Forensic Auditing.
Transcript of Understanding Key Concepts Surrounding Computer Fraud And Forensic Auditing.
surrounding Computer Fraud and Forensic Auditing. "any act involving the use of
deception to obtain an illegal
advantage." (ISACA) Definition of Fraud Recent Example of Computer Fraud SAS No.1 "Codification of Auditing Standards and Procedures".
SAS No.99 "Consideration of Fraud in a Financial Statement Audit". The Corporate and Auditing Accountability, Responsibility, and Transparency Act of 2002 (Sarbanes-Oxley Act) KEY POINTS: * Public Oversight Board
* Increased Audit Committee Responsibilities
* Specifically Prohibited Activities
* Conduct and Administration of the Audit
* Criminal Sanctions and Whistle-Blower Protection ‘A forensic accountant is hired by a company that either suspects a fraud has occurred but doesn’t have proof or that knows a fraud has been perpetrated but doesn’t know how extensive the loss is. Thus, the forensic accountant functions much like a detective. It is his or her goal to find out who perpetrated the fraud, how the fraud was perpetrated, and how much money or other assets the company has lost as a result of the fraud.’ Computer
Fraud Forensic Auditing Definition of Forensic Auditing THE FRAUD TRIANGLE Pressure:
Pressure is what causes a person to commit fraud. Pressure can include almost anything including medical bills, expensive tastes, addiction problems, etc. Most of the time, pressure comes from a significant financial need/problem. Often this need/problem is non-sharable in the eyes of the fraudster. That is, the person believes, for whatever reason, that their problem must be solved in secret. However, some frauds are committed simply out of greed alone. Opportunity:
Opportunity is the ability to commit fraud. Because fraudsters don't wish to be caught, they must also believe that their activites will not be detected. Opportunity is created by weak internal controls, poor management oversight, and/or through use of ones position and authority. Failure to establish adequate procedures to detect fraudulent activity also increases the opportunities for fraud to occur. Of these three elements, opportunity is the leg that organisations have the most control over. It is essential that organisations build processes, procedures and controls that don't needlessly put employees in a position to commit fraud and that effectively detect fraudulent activity if it occurs. Rationalisation:
Rationalisation is a crucial component in most frauds. Rationalisation involves a person reconciling his/her behaviour (stealing) with the commonly accepted notions of decency and trust. Some common rationalisations for committing fraud are:
The person believes committing fraud is justified to save a family member or loved one.
The person believes they will lose everything-family, home, car etc. if they don't take the money.
The person believes that no help is available from outside.
The person labels the theft as "borrowing", and fully intends to pay the stolen money back at some point.
The person, because of job dissatisfaction (salaries, job environment, treatment by managers etc.), believes that something is owned to him/her.
The person is unable to understand or does not care about the consequence of their actions or of accepted notions of decency and trust. What is Computer Fraud? Computer fraud can be defined as the use of a computer to gain unauthorised access to information or perform activities with the explicit goal of gaining material goods at the expense of others through criminal means. While fraud has been around since the advent of humanity, computer fraud is a relatively recent phenomenon, and since computers are so ubiquitous in the everyday lives of most of us, we are all exposed to its dangers to some degree. To be aware of computer fraud and to effectively prevent or, in more unfortunate cases, report it, it is important to know some of the more common forms of computer fraud. Keep in mind, however, that the particular methods of computer fraud evolve at a very fast pace, so “being aware” is an ongoing process. Internet fraud is one of the most common forms of computer crime, since it gives the criminal access to billions of other computers around the globe, and it is conducive to anonymity, making it easier to con unsuspecting users out of their money. Identity fraud, while not always computer-related, is often committed through the use of computers, and it involves the criminal assuming the identity of another person to deceive the fraud victims. Illegal trafficking in sensitive personal data, such as user names, passwords, etc., also constitutes computer fraud. Criminals illegitimately accessing the victims’ email, social networking, or even online banking sites for fraudulent gains is considered computer fraud as well. RED FLAGS! What does a Forensic Accountant do? Auditor's Responsibilty for Detecting Fraud
The current authoritative guidelines on fraud detection are presented in SAS No. 99, Consideration of Fraud in a Financial Statement Audit, which pertains to the following areas of a financial audit:
Description and characteristics of fraud.
Engagement personnel discussion.
Obtaining audit eveidence and information.
Assessing the identified risks.
Responding to the assessment.
Evaluating audit evidence and information.
Communicating possible fraud.
Documenting consideration of fraud. (Hall, 2011) The application of accounting methods to the tracking and collection of forensic evidence, usually for investigation and prosecution of criminal acts such as embezzlement or fraud. (BusinessDictionary.com) ‘Forensic auditing’ refers to the specific procedures carried out in order to produce evidence. Audit techniques are used to identify and to gather evidence to prove, for example,how long the fraud has been carriedout, and how it was conducted and concealed by the perpetrators. Evidence may also be gathered to support other issues which would be relevant in the event of a court case. Such issues could include:
the suspect’s motive and opportunity to commit fraud
whether the fraud involved collusion between several suspects
any physical evidence at the scene of the crime or contained in documents
comments made by the suspect during interviews and/or at the time of arrest
attempts to destroy evidence. (ACCA, 2011) Types of Investigation The forensic accountant could be asked to
investigate many different types of fraud. It is useful to categorise these types into three groups to provide an overview of the wide range of investigations that could be carried out. The three categories of frauds are:
financial statement fraud. Corruption
There are three types of corruption fraud: conflicts of interest, bribery, and extortion. Research shows that corruption is involved in around one third of all frauds.
In a conflict of interest fraud, the fraudster exerts their influence to achieve a personal gain which detrimentally affects the company. The fraudster may not benefit financially, but rather receives an undisclosed personal benefit as a result of the situation. For example, a manager may approve the expenses of an employee who is also a personal friend in order to maintain that friendship, even if the expenses are inaccurate.
Bribery is when money (or something else of value) is offered in order to influence a situation.
Extortion is the opposite of bribery, and happens when money is demanded (rather than offered) in order to secure a particular outcome. (ACCA,2011) Asset misappropriation
By far the most common frauds are those involving asset misappropriation, and there are many different types of fraud which fall into this category. The common feature is the theft of cash or other assets from the company, for example:
Cash theft – the stealing of physical cash, for example petty cash, from the premises of a company.
Fraudulent disbursements – company funds being used to make fraudulent payments Common examples include billing schemes, where payments are made to a fictitious supplier, and payroll schemes, wherepayments are made to fictitious employees (often known as ‘ghost employees’).
Inventory frauds – the theft of inventory from the company.
Misuse of assets – employees using company assets for their own personal interest. (ACCA, 2011) Financial statement fraud
This is also known as fraudulent financial reporting, and is a type of fraud that causes a material misstatement in the financial statements. It can include deliberate falsification of accounting records; omission of transactions, balances or disclosures from the financial statements; or the misapplication of financial reporting standards. This is often carried out with the intention of presenting the financial statements with a particular bias, for example concealing liabilities in order to improve any analysis of liquidity and gearing.
(ACCA, 2011) (Computer Fraud, 2011) (www.boisestate.edu, 2011) (www.boisestate.edu, 2011) Thank You!