Fraud

(973) 822-
822-2220

Overview
Objectives of this program
To introduce participants to internal control guidance relating to
fraud.
Program/Course Level: Overview
Program Content:
• The CPA’s responsibility regarding fraud
1) General duties CPAs have with regard to fraud
2) Duties imposed by:
i. Sarbanes-Oxley Act
ii. SAS 99: the new auditing standard with respect
to fraud
iii. Private Securities Litigation Reform Act (1995)
Advance Preparation: None
Type of Delivery: Live and Group-Internet-Based
Amount of Recommended CPE Credits: 3 - Auditing

1
 Fraud: The Issues
Fraud: The CPA’s Responsibility
Employee Motives for Committing Fraud
Employee Fraud
Prevention of Financial Statement Fraud

Fraud: The Issues

Fraud: The CPA’s Responsibility
Employee Motives for Committing Fraud
Employee Fraud
Prevention of Financial Statement Fraud

2
Fraud: The Issues

I. Fraud: The Issues

A. Fraud’s impact must be addressed by all
CPAs:
1. Public confidence must be restored
2. CPAs are perfectly positioned to help
address the issues of fraud
3. Fraud has destroyed large and small
companies

Fraud: The Issues

4. Fraud: The Associated Cost:
In the Association of Certified Fraud Examiners
release of its second Report to the Nation on
Occupational Fraud and Abuse, the following findings
were noted:
a. Occupational fraud and abuse causes six percent of
business revenue to be lost each year.
b. Losses have been approximated at $600 billion or
$4,500 per employee each year.
c. Over half of the frauds resulted in losses of at least
$100,000 and about one in six resulted in losses in
excess of $1 million.

3
Fraud: The Issues
d. Fraud scheme typically lasted 18 months.
e. The most frequent method for detecting occupational
fraud was a tip from a co-worker, customer, vendor,
or anonymous source. The second most frequent
method of detection was by “dumb luck.”
f. The most common “villain” (93%) was a first-time
offender. Only seven percent of the “villains” had
prior fraud-related convictions.
g. Small businesses are the most likely targets. The
typical fraud of a small business caused over $125,000
in losses. The typical fraud of the public companies
costs nearly $100,000.

Fraud: The Issues

B. The ways fraud is committed:

Three categories of occupational
fraud and abuse:
a. Misappropriations of assets
b. Fraudulent financial statements
c. Corruption
Discussed in detail later

4
 Fraud: The Issues
Fraud: The CPA’
CPA’s Responsibility
Employee Motives for Committing Fraud
Employee Fraud
Prevention of Financial Statement Fraud

Fraud: The CPA’s Responsibility

II. Fraud: The CPA’s Responsibility
A. Introduction
The general duties with regard to fraud mandated by the
Sarbanes-Oxley act, the new Statement on Auditing Standards
(SAS) No. 99, and the Private Securities Litigation Reform Act.
B. Management within a company
a. Officers and directors: General responsibilities
a. Duty of care:
Officers and directors occupy a fiduciary
relationship with the corporation. Directors and
officers are required to act in good faith and
with due care. Legally, they are required to
exercise “that degree of care usually expected of
a reasonably prudent and diligent person under
similar circumstances.”

5
Fraud: The CPA’s Responsibility
b. Duty of loyalty:
Directors and officers must act in the best interest of
the corporation and should refrain from self-
dealing.

Examples: Breach of the Duty of Loyalty:

1. Knowingly and willingly misstating the business
results of the company.
2. Approving related party transactions that benefit
friends or relatives at the expense of the company.
3. Padding personal expense report.
4. Accepting kickbacks or bribes.

10

Fraud: The CPA’s Responsibility

2. Sarbanes-Oxley Act Duties
a. Officers and Directors:
The Chief Executive Officer and Chief Financial
Officer of public companies must personally certify
annual and quarterly SEC filings (Section 302 of the
Act requires)
b. Corporate Responsibility for Financial Reports
1) SEC report being filed has been reviewed
2) Report does not contain any untrue statements
or omit any material facts necessary to make the
statements made not misleading
3) Financial statements fairly present, in all
material respects, the financial position, results
of operations and cash flows

11

6
Fraud: The CPA’s Responsibility

c. Public Company Audit Committees

The audit committee is responsible for
overseeing the appointment, compensation and
work done by the audit firm. Each audit
committee member shall be a member of the
issuer’s board of directors and shall be
independent. The member can only receive
compensation from the issuer for his or her
position on the board of directors and cannot
accept any other compensation from the issuer
or be affiliated with the issuer. The SEC can
exempt persons from these requirements.

12

Fraud: The CPA’s Responsibility

a. The Audit Committee shall establish procedures for:

1) Treatment of complaints received by the issuer
regarding accounting, internal accounting
controls and auditing matters; and
2) Confidential, anonymous submission by the
issuer’s employees concerning questionable
accounting procedures.
b. Authority and funding
Audit committees must be sufficiently funded and
have authority to hire independent advisers.

13

7
Fraud: The CPA’s Responsibility
d. Corporate Responsibility (Sarbanes-Oxley Act)
Corporate Responsibility
Sec. 301 Title 3, Sections 301-308
· Adds a new provision to the Securities Exchange Act
of 1934 relating to Audit Committee Standards:
Makes the Audit Committee responsible for the
appointment, compensation and oversight of the work of
any registered public accounting form employed by the
issuer
Requires members of the Audit Committee be on the
Board of Directors and otherwise independent
Requires Audit Committees to establish procedures for
the receipt, retention and treatment of complaints
received concerning accounting, internal accounting
controls or auditing matters as well as the anonymous
submission by employees concerning questionable
accounting or auditing matters

14

Fraud: The CPA’s Responsibility

Corporate Responsibility
Sec. 302 Title 3, Sections 301-308
• Requires the CEO and CFO to certify with respect to
each annual or quarterly report of the issuer, that:
The signing officer has reviewed the report, and
The report fairly presents, in all material respects, the
Sec. 304 operations and financial condition

• CEOs and CFOs must reimburse their companies for

any bonuses, incentive-based or equity-based
compensation, and any profits realized from the sale
of securities of the issuer during the one-year period
following an accounting restatement due to material
non-compliance

15

8
Fraud: The CPA’s Responsibility
Corporate Responsibility
Title 3, Sections 301-308
Sec. 306 Prohibits insider trades during pension fund blackout periods
when at least 50% of beneficiaries are prohibited from trading.
Blackout periods require 30 days’ prior notice. Profits from such
insider trades share insure to and be recoverable by the issuer,
regardless of any intention on the part of such insider
Sec. 307
Requires the SEC to issue rules setting minimum standards of
professional conduct for attorneys appearing and practicing before
the SEC, including:
Requiring attorneys to report evidence of a material violation of
securities law or breach of fiduciary duty or similar violation by the
issuer to the general counsel or CEO of the issuer,
If the general counsel or officer does not appropriately respond to
the evidence, requiring the attorney to report the evidence to the
Audit Committee or to another committee of the Board comprised
solely of directors not employed by the issuer, or to the Board of
Directors
16

Fraud: The CPA’s Responsibility

a. Corporate Responsibility for Financial Reports

Companies filing Forms 10-K and 10-Q reports must
have the CEOs, CFOs, or similar person certify in
each report that:
i. The report is true, does not contain material
deficiencies and fairly represents the issuer’s
financial position based on the officer’s
knowledge;
ii. The signing officer is responsible for
establishing internal controls, has designed the
controls to ensure that material information is
made known to the officer, and has evaluated
the controls within 90 days of the report;

17

9
Fraud: The CPA’s Responsibility
iii. The signing officer has disclosed to the issuer’s
auditors and the audit committee all significant
deficiencies in internal control design that might
adversely affect the issuer’s ability to process
financial data and also any fraud (whether or not
material) involving management or other
employees with a significant role in the issuer’s
internal controls; and
iv. The signing officer has indicated any significant
changes in internal controls that could affect
internal controls after the date of the evaluation.
The SOA imposes criminal fines of up to $1
million and up to 10 years’ imprisonment for
knowingly making a certification that does not
comply and fines of up to $5 million and
imprisonment of up to 20 years for willfully
certifying a report that does not comply.

18

Fraud: The CPA’s Responsibility

2. Prohibition Against Improper Influence on Audits

No director or officer shall fraudulently influence or
mislead any independent public auditor for purpose of
making the financial statements materially misleading.
This rule is enforceable only by the SEC.
3. Forfeiture of Bonuses and Profits
If an issuer must restate financial papers because of
misconduct, the CEO and CFO must reimburse the
issuer for any bonus or incentive based compensation
received and turn over any profit made from the sale of
the issuer’s securities during a one year period
following the filing. The SEC may exempt officers from
this rule.

19

10
Fraud: The CPA’s Responsibility
4. Officer and Director Bars
The SEC may prohibit any person from acting as an officer or
director of an issuer if the SEC finds such person unfit to serve.
5. Prohibition Against Insider Trades During Pension Blackout
Periods
Directors, officers and insiders may not purchase or sell the
issuer’s securities during a blackout period if the securities
were acquired in connection with their services for the issuer.
A blackout period is one where employees were prohibited
from trading securities in an issuer sponsored retirement plan.
a. Remedies
Any profits resulting from violations of this section are
recoverable by the issuer. Any shareholder can file suit
to recover the profit if the issuer fails to take action
against the officer or director.

20

AICPA Code of Professional Conduct (continued)

6. New section 1513 of Title 18 of the U.S. Code:
Creates criminal liability for anyone who knowingly, with the
intent to retaliate, takes any harmful action against a person
for providing truthful information relating to the commission
or possible commission of any federal offense.
7. New section 1514A of Title 18 of the U.S. Code:
Creates civil liability for companies that retaliate against
whistleblowers. This particular section only applies to
employees of publicly traded companies. It makes it unlawful
to fire, demote, suspend, threaten, harass, or in any other
manner discriminate against an employee for providing
information or aiding in an investigation of securities fraud.
However, in order to trigger these protections, the employee
must report the suspected misconduct to a federal regulatory
or law enforcement agency; an member of Congress or a
committee of Congress; or a supervisor.

21

11
Fraud: The CPA’s Responsibility
8. Civil and criminal penalties for noncompliance
a) It increases the jail term for existing crimes such as
mail fraud and wire fraud from five to twenty
years.
b) It also makes it a crime to destroy documents and
requires auditors of public companies to keep work
papers for at least five years.
c) The Act also authorizes the SEC to freeze
questioned assets during an investigation and
allows courts to order the disgorgement of any
bonuses received by a CEO or CFO resulting from
the company having to restate its financial due to
misconduct.

22

Fraud: The CPA’s Responsibility

e. Independent Auditor: Sarbanes-Oxley Act

Auditors must timely report the following directly to the
audit committee:
a. All critical accounting policies and practices used;
b. Alternative GAAP methods that were discussed
with management, the ramifications of the use of
those alternative treatments, and the treatment
preferred by the auditors; and
c. Any other material written communications
between the auditors and management.

23

12
Polling Question #1
In your opinion, has the initiatives of SOX, Section 404, added value
to financial reporting and been financially (cost) worth the effort:

Added Value Worth the Effort

A. Yes Yes
B. Yes No
C. No Yes
D. No No

23a

Fraud: The CPA’s Responsibility

f. Independent Auditor: SAS 99
The certified public accountant has the responsibility “to plan and
perform the audit to obtain reasonable assurance about whether the
financial statements are free of material misstatement, whether
caused by error or fraud.”
1. Characteristics of Fraud
Fraud is a combination of incentives, pressure, opportunity,
attitude and rationalization. Auditors must have an
understanding of the principle characteristics of fraud.
2. Consider how fraud is committed:
The engagement team is required to consider the various ways
the client could commit material fraud. The relevant factors
are:
a. Nature of the business
b. Management
c. Internal controls
d. Ethical values.

24

13
Fraud: The CPA’s Responsibility
3. Assessing the risk of material fraud requires the following.
Auditors must interview management and other appropriate
personnel of the company to assess the organization’s risk of material
misstatements due to fraud.
a. When performing or planning analytical procedures, consider
unusual or unexpected relationships that have been identified
b. Consider whether fraud risk factors are present.
c. With respect to fraud risks and countermeasures, make inquiry
of the audit committee .
4. Identify risks that may result in misstatements due to fraud.
Assess the significance, likelihood, and pervasiveness of the risk of
fraud.
5. Assess fraud risks of the entity’s programs and controls.
The auditor should evaluate programs and controls designed to
address fraud risks. Factors such as control mechanisms over
management overrides and education, prevention, and deterrence
programs for employees should be considered.

25

Fraud: The CPA’s Responsibility

6. Plan testing based upon the fraud risk assessment.
Once the auditor has assessed the risk of material misstatement due to
fraud, he or she will determine the nature, extent and timing of the
audit procedures.
7. Assess audit test results.
The auditor will evaluate the test results looking for such things as:.
a. Discrepancies in accounting records,
b. Conflicting missing evidential matter,
c. Problematic or unusual relationships between the client and the
auditor.
8. Communication with the Audit Committee.
The auditor must notify the client, even when the suspected fraud is
not material to the financial statements. If the suspected fraud is
material, or involves senior management, the auditor must report the
incident directly to the audit committee.
9. Auditor Documentation: Required.
The auditor must document the various steps taken in assessing the
entity’s risk of material misstatement due to fraud.

26

14
Polling Question #2
In your opinion, what should be the CPA/Auditor’s level of
responsibility regarding fraud:
A. CPA/Auditor should be responsible for detecting all material fraud
B. CPA/Auditor should be responsible for detecting all fraud
C. CPA/Auditor should be responsible for designing an audit program
that should reasonably detect fraud
D. CPA/Auditor should only be responsible for fraud that comes to
his/her attention

26a

Fraud: The CPA’s Responsibility

1. Understand and Document

• Obtain an understanding of internal control.
As part of planning, the auditor is required to perform procedures to
understand the design of controls and whether they have been placed in
operation.
– A control that has been placed in operation is being used.
– The auditor is not required to evaluate the operating effectiveness
of controls during planning.
The auditor may, however, choose to perform some tests
of controls while obtaining an understanding of internal
control if it is more efficient to do so.
The auditor may obtain some evidence about the
operating effectiveness of the controls if procedures
performed to obtain an understanding of internal control
also provide sufficient evidence to serve as tests of
control.
• Document this understanding using flowcharts, questionnaires, narratives,
and/or decision tables.

27

15
Fraud: The CPA’s Responsibility

2. Control Risk Assessment (Tests of

Controls)
Assess control risk and document this
assessment. Any assessment of control risk
at less than the maximum must be based on
evidence provided by tests of controls.

28

Fraud: The CPA’s Responsibility

3. Perform Tests of Control

Perform additional tests of controls if a further reduction in
the assessed level of control risk is desired. Such additional
testing is generally performed only if:
a. Sufficient evidence is likely to be available, and
b. It would be efficient. The auditor evaluates whether the
effort required to perform additional tests of controls is
justified by the expected reduction in substantive
testing.

29

16
Fraud: The CPA’s Responsibility

4. Assess Results
Reassess control risk and document
this assessment.

30

Fraud: The CPA’s Responsibility

5. Substantive Testing
The auditor reviews and modifies
(if necessary) the planned level of
substantive testing to be performed.

31

17
Fraud: The CPA’s Responsibility
INTERNAL CONTROL RISK ASSESSMENT

OBTAIN AN UNDERSTANDING OF
INTERNAL CONTROL SUFFICIENT
U TO PLAN THE AUDIT
(a) Design of policies and procedures
(b) Placed in operation?
(c) Document the understanding

ASSESS CONTROL RISK AT MAXIMUM?

C No
Consider relevancy and adequacy of
Yes
controls, and whether testing controls would
be efficient.

Less Than
Maximum Maximum
Level
ASSESS CONTROL RISK
(a) Use tests of controls to
evaluate operating
effectiveness
(b) Document this
assessment

CONSIDER A FURTHER REDUCTION

P IN THE ASSESSED LEVEL OF
No
CONTROL RISK

A (a)
(b)
Can a lower risk level be supported?
Cost/benefit from additional tests
of controls?

Yes

PERFORM ADDITIONAL
TESTS OF CONTROLS
(a) Reassess control risk
(b) Document assessment
PLAN EXTENSIVE
SUBSTANTIVE TESTS
DESIGN SUBSTANTIVE TESTS

S
DESIGN SUBSTANTIVE TESTS
AT A REDUCED LEVEL

32

Fraud: The CPA’s Responsibility

REVIEW: UNDERSTANDING INTERNAL CONTROL AND ASSESSING CONTROL RISK

1. Understand internal control 1. Understand the operation of the five components

U of internal control.
2. Understand the design of the relevant internal control
policies and procedures.
3. Determine whether the policies and procedures have been
placed in operation.
4. Document the understanding of internal control in order
to plan the audit.

2. Control risk assessment 1. Consider the types of potential misstatements that could
C occur in the financial statements.
2. Identify the policies and procedures that are relevant to
specific management assertions.
3. Determine the appropriate strategy for auditing each
significant assertion.

3. Perform tests of 1. Evaluate the effectiveness of the design and operation of

controls* the policies and procedures.
2. Identify any significant deficiencies in internal control.

P 3. Can a new risk level be supported based upon additional

tests of controls?
Will evidence be available to support the new risk level?
Will the cost of additional tests of controls be more than
offset by a reduction in substantive testing?

4. Assess results 1. Consider a reduction (or increase) in the assessed level of

(based on tests of controls) control risk based on the results of the tests of controls.
A 2. Document conclusions.
Document the basis for the conclusion that the
assessed level of control risk is less than the maximum
level.
Document the conclusion that control risk is assessed
at maximum level. (The basis for the conclusion need
not be documented.)

S 5. Substantive testing Determine the nature, extent and timing of substantive tests
based on the assessed level of control risk and the resulting
acceptable level of detection risk.

33

18
Fraud: The CPA’s Responsibility
G. Independent Auditor: Private Securities Litigation Reform Act:
a. The Private Securities Litigation Reform act (PSLRA), passed
in 1995,requires additional responsibilities for independent
auditors of public companies. It provides that the audit of the
financial statements of a public company must include the
following:
a) Procedures designed to provide reasonable
assurance of detecting illegal acts that would
have a direct and material effect on the
determination of financial statement amounts;

“Illegal Act” Defined:

The term illegal act is defined to mean any act or omission “that
violates any law, rule, or regulation having the force of law.”
b) Procedures designed to identify related party
transactions that are material to the financial
statements or otherwise require disclosure
c) An evaluation of whether there is substantial
doubt about the ability of the issuer to continue
as a going concern during the next fiscal year.

34

Fraud: The CPA’s Responsibility

2. Auditor steps if an illegal act is detected
a) Determining that an illegal act has occurred:
1) Address the possible effect of the illegal act on
the financial statements
2) Notify the appropriate level of management
immediately, and verify that the audit committee
is adequately informed
b) Auditor must determine (regarding company
management)
1) Has senior management taken “timely and
appropriate remedial actions” and
2) Does the failure to take corrective action is
“reasonably expected to warrant departure from
a standard report of the auditor, or consider
resignation from the audit engagement.”

35

19
Polling Question #3
In your opinion, in regards to SOX, Section 404, the CPA/Auditor
should:
A. Express an audit opinion on internal control
B. Express an audit opinion on management’s assertion regarding
internal control
C. Provide assurance regarding the effectiveness of internal control
D. Should only be responsible for assessing internal control in order to
perform the audit of the financial statement

35a

Fraud: The Issues

Fraud: The CPA’s Responsibility
Employee Motives for Committing Fraud
Employee Fraud
Prevention of Financial Statement Fraud

36

20
Employee Motives for Committing Fraud
III. Employee Motives for Committing Fraud
A. Fraud: Three required elements:
The accepted reason for why “good
people” commit fraud is the following:
a. Pressures/Incentives
b. Opportunity
c. Rationalizations/Attitudes

37

Employee Motives for Committing Fraud

B. Pressures/Incentives
Pressure is caused by a financial need. The financial problem can be
personal (excessive personal debt) or professional (their employment
or business is in jeopardy).

Examples of pressures that can lead to fraud:

• Inability to pay one’s bills
• Requirement of meeting earnings to sustain investor
confidence
• Drug or gambling addiction
• Status symbols (big house, nice car)
• Required to meet productivity targets
1. Financial problems and their root in “status”:
All involve some sort of embarrassment, shame, or disgrace. They
threaten the violator’s status as a person who is respected by others.

38

21
Employee Motives for Committing Fraud

C. Opportunity
“Perceived” opportunity creates the means by
which the fraud can be committed. The violator
not only has to be able to steal assets, they need
to be able to do so and believe that they will not
be caught or the fraud itself will not be detected.

39

Employee Motives for Committing Fraud

D. Rationalizations/Attitudes
The majority of violators are first-time offenders with no
criminal past. They do not consider themselves as criminals or
thieves.
1. Common rationalizations include the following:
a) They were only borrowing the asset
b) They were entitled to the asset
c) They had to steal to provide for their family
d) They are underpaid/ employer had cheated them
e) Their employer is dishonest to others and deserved it

40

22
Employee Motives for Committing Fraud
E. The Fraud Model does not always apply:
It does not apply to the “predatory employee” – the
violator who takes a job with the sole intent of
stealing from the company. Frauds are not isolated
events. They typically start as small thefts or
misstatement and they eventually increase in size
and frequency. As the violator repeats the fraud, it
becomes easier to rationalize until not justification is
required.
F. The Fraud Elements Lesson
All three factors must be present for fraud to occur.
When one of the three elements is missing, fraud will
not usually occur. Status (not greed) is the single
most typical motivator for occupational fraud.

41

Employee Motives for Committing Fraud

G.The fraud (elements) consideration:
1. The opportunity:
The threat of punishment is a non-factor with a
violator because they never expect to get caught
2. The rationalization:
They do not view their actions as conduct that is
or should be punishable
3. The pressures/incentives:
The biggest threat to them is that their fraud will
be uncovered. Detection will result in shame. Any
punishment that follows is only a secondary
consideration.

42

23
Employee Motives for Committing Fraud
H. Deterrence program elements:
An effective deterrence program will directly target
the three elements of fraud. To be effective, the
company should:
1. Identify and reduce pressures that might push
employees into committing fraud crimes
2. Identify and reduce perceived opportunities to
commit fraud
3. Educate and communicate in order to dispel
rationalizations for committing fraud

43

Fraud: The Issues

Fraud: The CPA’s Responsibility
Employee Motives for Committing Fraud
Employee Fraud
Prevention of Financial Statement Fraud

44

24
Employee Fraud

IV. Employee Fraud

Key Point
Employee fraud can be listed into
three major categories:
• Financial statement fraud
• Asset misappropriations
• Corruption.

45

Employee Fraud
A. Financial statement fraud defined:
Financial statement fraud is the deliberate misrepresentation of
the financial condition of an enterprise accomplished through
the intentional misstatement or omission of amounts or
disclosures in the financial statements to deceive financial
statement users.
1. Typical Method
Financial statement fraud will involve:
a. Overstating assets, revenues and profits
b. Understating liabilities, expenses and losses.
2. Atypical method:
The overall objective of the misrepresentation may
occasionally require the opposite action (e.g., concealing
over-budget results in a good year in order to have
“cushions” for the next year that is expected to be more
competitive).

46

25
Employee Fraud

B. The impact of financial statement fraud:

Financial statement fraud will have a devastating effect
on the reputation and the financial condition of the
company and employees. The stock market valuation
impact of the financial statement fraud will result in the
company’s stock value falling dramatically overnight,
losing billions of dollars for shareholders.

47

Employee Fraud
C. The CPA: Impact of Financial Statement Fraud
Consequences include:
1. The shame of being escorted into court by police, in
view of family and friends
2. Sentenced to prison
3. A felony conviction
4. Newspaper and television coverage seen by friends,
family and neighbors
5. Loss of personal income
6. Loss of CPA license
7. Large legal fees
8. Expulsion from the AICPA and state societies of CPAs
9. Social outcast

48

26
Employee Fraud
D. The Financial Statement Fraud Culprits
There are three main groups who commit financial statement
fraud.
1. Organized criminals
2. Mid- and lower-level employees
3. Senior management
E. Motive for Committing Financial Statement Fraud
1. Desire to conceal business results.
2. Attempt to maintain their status/control.
3. Sustain income/wealth from company sources (salary,
bonus, stock, and stock options)

49

Employee Fraud
4. Meet or exceed the expectations of stock market analysts
regarding earnings or revenue growth
5. Loan covenants compliance
6. Increase opportunity for asset-based loans
7. Criteria for granting/extending loans required by
lender
8. Criteria set by the parent company
9. Employee performance criteria
10. Merit performance-related compensation
11. In anticipation of a merger, acquisition or sale of
personal stockholding, improve the stock price

50

27
Employee Fraud
12. Demonstrate growth to support a planned stock or
bond offering or sale of the business
13. Shift “surplus” earnings to the next year when current
period budgets have been achieved and there is no
incentive for additional performance, managers may
direct additional earnings into the next year to ensure
they meet new goals
14. Take all write-offs in one “big slam” thus future
earnings should be consistently higher
15. Reduce market expectations, so future growth will be
rewarded
16. Avoid volatile results, maintain consistency
17. Reduce the value of a small/family company during a
divorce
18. If management is planning a buyout, reduce the value
of a corporate unit

51

Employee Fraud
F. Methods of Financial Statement Fraud
The three methods of fraudulent financial statements are:
1. Accounting system: Tricks
The violator uses the accounting system to generate the
results they want. For example:
a. Manipulate the calculation of:
(1) Depreciation
(2) Bad debt expense
(3) Obsolete inventory
b. Vendor invoices can be recorded at the wrong time
(typically, later) to avoid recognizing the expense
and liability
c. Sales might be recorded prematurely to accelerate
income
d. Transactions in the accounting system are real,
however, the dollar amounts are intentionally
incorrect

52

28
Employee Fraud
2. Accounting system: Lies
The violator submits false and fictitious data and
transactions into the accounting system to manipulate
results in a manner greater than can be achieved by simply
“tricking” the accounting system. Examples are:
a. Fictitious sales may be recorded to real or fake
customers
b. Inventory and receivables amounts may be created,
with documents later being forged to support the
“lies”
c. Journal entries might be hidden or miscoded in an
attempt to conceal the fraud
d. Transactions can be concealed through use of
intercompany accounts
e. Transactions in the system have no basis in fact or are
improperly recorded

Key Point
No documentary trail to support certain transactions or balances will be
located unless the violator prepares forged or altered documents to help
support this fraud.
53

Employee Fraud
3. Accounting system: Beyond the system
The violator produces whatever financial statements they
desire by using a personal computer.

Key Point
To catch this type of fraud, trace the financial statements
back to the trial balance and related general ledger from
the accounting system. There should be no documentary
trail to support transactions or balances reported in the
financial statements unless the fraudsters prepare forged
or altered documents to help support this fraud.

54

29
Employee Fraud
G.Financial Statement Fraud: Statistics
According to the 1999 COSO study of approximately 200
financial statement frauds from 1987 to 1997, the most common
fraud schemes were as follows:
1. Revenue Fraud
a. 50% involved manipulation of revenue recognition
b. 26% involved fictitious revenues
c. 24% involved premature revenue recognition
2. Asset Fraud
a. 50% involved overstatement of assets
b. 37% involved overstatement of existing assets
c. 12% involved fictitious or unowned assets
d. 6% involved improperly capitalized costs
3. Liability and Expense Fraud
a. 18% involved understatement of liabilities/expenses
4. Disclosure Fraud
a. 8% involved inappropriate disclosure

55

Polling Question #4
In your opinion, by whom should the audit of “management’s
assessment of internal control” be performed:
A. The same firm that performs the audit of the financial statements
B. A different firm then the one that performs the audit of the financial
statements
C. The company should be able to select any CPA firm they want

55a

30
Employee Fraud
H. Financial Statement Fraud: Methods
The five types of financial statement fraud are:

• Fictitious Revenues
• Timing Differences
• Improper Asset Valuations
• Concealed Liabilities and Expenses
• Improper Disclosures

1. Fictitious Revenues
Fictitious sales typically involve fake or non-existent
customers, however it could involve actual customers.

56

Employee Fraud

Key Point
In December 1999, the Securities and Exchange Commission
issued Staff Accounting Bulletin No. 101, Revenue Recognition
in Financial Statements (SAB 101) which gives additional
guidance on revenue recognition and to cease some
inappropriate practices that had been noted. SAB 101 indicates
that revenue generally is realized or realizable and earned when
all of the following criteria are met:
Persuasive evidence of an arrangement exists;
Delivery has occurred or services have been rendered;
The seller’s price to the buyer is fixed or determinable; and
Collectibility is reasonably assured.

57

31
Employee Fraud
a. Indirect Methods: Fictitious Sales
These methods do not attempt to
overstate gross sales, instead, they
understand those accounts which reduce
gross sales to arrive at net sales. For
example, by understating discounts,
returns and allowances, it will artificially
overstate net sales. There are two basic
methods:
• Failure to record mark down discounts
on merchandise when the sale is made
• Failure to record returns as a reduction
from gross sales

58

Employee Fraud
b. Warning Signs, indicating the possibility of
fictitious revenues
• Excessive growth or unusually high profitability,
when compared to other companies in the same
industry
• Repeatedly reporting negative cash flows from
operations while reporting earnings and earnings
growth.
• Large transactions with related parties or special
purpose entities not in the ordinary course of business
• Significant, unusual, or highly complex transactions,
typically those close to period end that pose difficult
“substance over form” issues
• Unusual increase in the number of days sales in
receivables
• A large volume of sales to companies whose
ownership is not known

59

32
Employee Fraud
2. Timing Differences
Financial statement fraud often involves timing
differences, such as, the recording of revenue and/or
expenses in improper periods. This is done to move
revenues or expenses from one period and the next,
thereby increasing or decreasing earnings.
a. Premature Revenue recognition
Revenue should be recognized when the four
criteria set out in Staff Accounting Bulletin No. 101
have been satisfied:
• Persuasive evidence of an arrangement exists;
• Delivery has occurred or services have been
rendered;
• The seller’s price to the buyer is fixed or
determinable; and
• Collectibility is reasonably assured

60

Employee Fraud
1. Persuasive evidence of an arrangement must exist:
a. The documentation for the arrangement must contain all the final
terms and conditions between the parties and conform to customary
business practices.
1) Incorporation by reference of other signed agreements is
acceptable
2) Signed general purpose agreement followed by complying
purchase orders is acceptable
3) Bifurcation of one contract into two contracts – presents issues
4) All terms and conditions of the arrangement must be finalized
b. All the documentation must be signed by both parties prior to any
revenue recognition
a) Without the customer’s signature – the agreement is not an
enforceable claim on the customer, even if the software has been
delivered
b) Without seller’s signature – the agreement is only an offer by
seller to license and/or sell the product or service
c. Risks and rewards of ownership pass
d. No right of return
e. Not a consignment, demonstration, etc.

61

33
Employee Fraud
2. Delivery has occurred or services have been rendered:
a. Physical delivery occurs upon the transfer of a disk or tape
containing the software, accompanied by documentation, to
customer – not to an intermediary site or a fulfillment house
1) “F.O.B. Shipping Point” or “F.O.B. Destination” –
needs to be specific in the contract
2) Example – software shipped on September 30 – F.O.B.
Destination
3) Does the customer have software testing and
acceptance rights?
b. Electronic Delivery occurs when the customer takes
possession of the software via a download or is provided
with access to the software via a code (“key”)
1) Examples: Software buyouts: network-wide base
generic software pools; list of GA features

62

Employee Fraud
c. Multiple copies of the same software: an obligation to
delivery additional software copies, physically or
electronically, does not impact revenue recognition.
Software duplication is considered incidental to meeting the
delivery criteria
1) Revenue can be recognized upon physical or electronic
delivery of the first copy
2) Should accrue the cost of duplicating the software
d. Multiple licenses of the same software: the price in the
contract is on a per-license basis and the value of the
contract is a function of the number of licenses purchased
by the customer
1) Revenue is recognized when each separately-licensed
software copy is delivered
e. If there is an undelivered element (hardware or software)
that is essential to the functionality of the delivered
software element, delivery has not occurred for purposes of
revenue recognition.

63

34
Employee Fraud
f. Terms and conditions presumed substantive
1) Acceptance
2) Installation or other services
g. Substantial completion
1) Only inconsequential or perfunctory actions
2) Failure to complete would not result in a refund or rejection of
delivered products/services
3) No undelivered elements essential to functionality
h. Multiple element arrangement (MEA): a contract to provide more than one
software product (the “element”), software product and services, or software
product with customer support (PCS)
1) Software arrangements with one element
• Recognize revenue when all the revenue recognition criteria discussed
previously have been met
2) Software arrangements with multiple elements
• Must allocate the contract price to each element based on vendor-
specific objective evidence (VSOE) of fair value
• Recognize the allocated revenue when all the revenue recognition
criteria have been met, on an element-by-element basis

64

Employee Fraud
i. Allocation of contract price to multiple elements
1) Vendor-specific objective evidence (VSOE) is
limited to either of:
• The price charged when the element is sold
separately to other customers – must be
supportable by invoices and auditable
• If the software is not yet sold separately, VSOE is
the price established by management having the
requisite authority
2) Separately stated prices in the contract does not
meet the VSOE requirement
3) List prices do not meet the VSOE requirement

65

35
Employee Fraud
j. Vendor-specific objective evidence of fair value
1) If VSOE does exist for all the elements, or
• All the elements are delivered (exceptions are
PCS and unspecified additional software
products),
• VSOE does exist for all the undelivered elements
(SOP 98-9: Residential Method)
2) VSOE criteria was intentionally made very
narrow, past “front-loading” abuses within the
software industry
• Future deliverables cause valuation issues
• Invoice price (that will not change)

66

Employee Fraud
3. The seller’s price to the buyer is fixed or determinable:
a. Price is stated, not subject to change, and payable in accordance with
normal terms.
b. Any extended payment terms in a software arrangement may indicate
that the price is not fixed or determinable
1) Normal payment terms are net 30 days
2) Need to determine the reason – does that reason jeopardize revenue
recognition?
c. If payment extends for more than twelve months after delivery, the
entire price should be presumed not to be fixed or determinable
d. If payments are a function of the number of units copies or the expected
number of users, the price is not fixed or determinable at the outset of the
arrangement
e. Rationale: the longer the payment terms the greater the risk of price
concessions due to the technological obsolescence of the delivered
software or the introduction of new and improved software
f. Revenue Recognition: if it is determined that the contract price is not
fixed or determinable, revenue is recognized as non-refundable,
contractual payments become due

67

36
Employee Fraud
4. Collectibility is not reasonably assured:
a. Customer financing arrangements need to be reviewed closely
1) Credit issue or competitive issue
b. A past practice of providing concessions to the customer is
difficult to overcome
1) History of concessions (to possibly encourage payment)
2) Concession is defined broadly
c. Customer acceptance clauses need to be evaluated in detail
1) Linking payment terms to acceptance may crate
uncertainty about collectibility upon delivery of the
software
d. Returns must be reasonably estimable
e. Collection is contingent upon some future events, e.g., resale
of the product, receipt of additional funding, or litigation
f. The customer does not have the ability to pay, e.g., it is
financially troubled, it has purchased far more than it can
afford, or it is a shell company with minimal assets

68

Employee Fraud
2. Timing Differences (continued)
b. Long-term Contracts
Managers can “play with” the percentage of completion
and the estimated costs to complete a construction project,
hence, the company will recognize revenues prematurely
and cover-up contract cost overruns.

c. Channel Stuffing/Trade Loading

The sale of an unusually large volume of a product to
customers who are encouraged to over purchase through
the use of large discounts or extended financing terms.

69

37
Employee Fraud

Key Point
The negative consequence is that by “robbing” from the next period’s
sales, it is more difficult to achieve sales goals in the following period, this
leads to increasingly aggressive levels of channel stuffing and ultimately a
restatement. Issues include:
Unrecorded side agreements that grant a right of return, effectively making
the sales into consignment sales
Greater risk of returns for certain products if they cannot be sold before
their shelf life expires.

d. Postponing the proper recording of expenses

The timely recording of expenses is often violated
due to excessive pressures to meet goals and
budget projections

70

Employee Fraud

e. Warning Signs of Possible Timing Difference Fraud

• Excessive growth or unusual high profitability, when
compared to other companies in the same industry
• Repeated reporting negative cash flows from
operations while reporting earnings
• Significant, unusual, or highly complex transaction,
especially near the end of the period end that pose
difficult “substance over form” questions
• Unusual spike in gross margin or margin in excess of
industry standards
• Unusual increase in the number of days sales in
receivables
• Unusual decrease in the number of days purchases in
accounts payable

71

38
Polling Question #5
Have you (and/or the business you worked for) ever been involved
in an issue regarding revenue recognition?
A. Yes – multiple times.
B. Yes – once or twice.
C. No – not that I am aware of.
D. Don’t know

71a

Employee Fraud
3. Failure to properly value assets
Applying the “lower of cost or market value” rule, where
an asset’s cost exceeds its current market value (example:
obsolete technology), it must be written down to lower
market value.

Key Point
It is often necessary to use estimates in accounting. For example,
estimates are used in determining the residual value and the useful life of a
depreciable asset, the uncollectible portion of accounts receivable or the
excess or obsolete portion of inventory. Whenever estimates are used,
there is an additional opportunity for fraud by manipulating those estimates.

72

39
Employee Fraud
3. Improper Asset Valuation (continued)
a. Inventory Valuation
Inventory must be valued at cost except when the cost is higher than the
current market value, inventory should be written down to its current
value which is lower.
• Method of Manipulation
a. Physical inventory counts can be manipulated
b. Unit costs used to price out inventory can be manipulated
c. Failure to reduce inventory for costs of goods sold
d. Programmed fraudulent computer reports that incorrectly
added up values
e. A co-conspirator represents they are to be holding inventory
for the company
f. “Bill and hold” items that have been recorded as sales are
included in the physical inventory count
g. Goods held by the company on consignment
h. Pallets of inventory with empty centers
i. Moving inventory overnight between locations being
observed by auditors
j. Insert phony count sheets or changing quantities on the
sheets during the inventory

73

Employee Fraud

3. Improper Asset Valuation (continued)

b. Accounts Receivable
The two most common fraud methods involving
accounts receivable are fictitious receivables and failure
to write off accounts receivable as bad debts.
1) Fictitious Accounts Receivable
The entry for a fictitious accounts receivable is to
debit accounts receivable credit sale. These schemes
occur most often at the end of the accounting period,
because accounts receivable should be paid in cash
within a reasonable time after period end.

DR: Accounts Rec. $XXX

CR: Sales $XXX

74

40
Employee Fraud
• Auditor Issue: Confirmation
Fictitious accounts receivable will attempt to conceal
by providing false confirmation of balances to
auditors. The mailing address provided for the fake
customers is either a mailbox under violators control,
a home address, or the business address of a co-
conspirator. Such fraud schemes can be detected by
reviewing business credit reports, public records, or
even the telephone book, to identify significant
customers.
• Understating the “Allowance for Doubtful
accounts”
Companies in need of more profits and income will
omit the recognition of such losses because of the
negative impact on the income statement.

75

Employee Fraud
c. Business Consolidations
Violators may attempt to misappropriate the purchase price. Violators
may create excessive reserves for various expenses at the time of
acquisition, planning to utilize those “cookie jars” into earnings at a
future date.
d. Fixed Assets
Fixed assets can be fictitiously created by a variety of schemes. They
are subject to misstatement through many different fraudulent
methods:
1) Recording Fictitious Assets
The false reporting of assets affects the asset balance on a
business balance sheet. The most common fictitious asset
schemes are:
• Fictitious documents being created
• Equipment is leased, not owned, and the asset is capitalized
2) Fixed Asset Valuation Issues
Fixed assets should be reported at cost (NBV). Financial
statement frauds have involved the recording of fixed assets at
the higher market values instead of the lower acquisition costs,
or at even higher inflated values with fake valuations to
documentation.

76

41
Employee Fraud
3) Fixed Asset Understatement (to secure capital expenditure
approval)
Funding may be based on asset amounts. An
understatement can be done directly or through improper
depreciation.
4) Capitalization Policy Violations
Interest and finance charges incurred in the purchase should
be excluded from the cost of a purchased asset.
5) Misclassifying Assets
Due to budget requirement, and many other reasons, assets
are misclassified into general ledger accounts which are
improper. The manipulation affects financial ratios and
conceals non-compliance with loan covenants or other
borrowing requirements.

77

Employee Fraud
6) Warning Signs of Possible Fixed Asset Fraud:
Recurring negative cash flows from operations
while reporting earnings and earnings growth
Significant declines in customer demand and
increasing business failures in either the industry
or overall economy
Assets, liabilities, revenues, or expenses based on
significant estimates that involve subjective
judgments or uncertainties that are difficult to
corroborate
Nonfinancial management’s excessive
participation in or preoccupation with the
selection of accounting principles or the
determination of significant estimates

78

42
Employee Fraud
Unusual spike in gross margin or margin in
excess of industry standards
Unusual increase in the number of days sales in
receivables
Unusual increase in the number of days
purchased in inventory
Allowances for bad debts, excess and obsolete
inventory, that are decreasing in percentage
terms or are out of line with industry standards
Unusual change in the ratios between fixed assets
and depreciation
Adding to assets while the industry is reducing
capital expenditures

79

Employee Fraud
4. Understating Liabilities and Expenses
Pre-tax income will increase when an expense or liability
not recorded. This is less difficult to commit than falsifying
sales transactions. Missing transactions are harder for
auditors to detect than improperly recorded ones because
there is no audit trail.

Key Point
There are three common schemes for understating liabilities and
expenses:
A. Liability/Expense Omissions
B. Capitalized Expenses
C. Failure to Disclose Warranty Costs and Liabilities.

80

43
Employee Fraud
a. Liability/Expense Omissions
Under this method of understating liabilities/expenses the
violator fails to record them. Debit memos can be created for
chargebacks to vendors, for claim permitted rebates or
allowances or simply to create additional income.

Key Point
Wrong-doers often plan to make up for their omitted liabilities with
expectations of other income sources such as profits from future price
increases.
Because they are easy to conceal, understated liabilities are often the
most difficult to uncover. A detailed review of all post-financial-
statement-date transactions can aid in the discovery of omitted
liabilities. Further, the auditor should carefully review the client’s files,
a physical search may uncover concealed invoices and unposted
liabilities.

81

Employee Fraud
V O U C H
Testing for Existence
Testing for Support

ouch

Financial Statements
Trial Balance
General Ledger
Subsidiary Ledger
Books of Original Entry
Source of Documents
Execution of Event
Transaction Approved

race
T R A C E
Testing for Completeness
Testing for Coverage

82

44
Employee Fraud

b. Capitalized Expenses
Capitalizing expenses will result in an
increase to income and assets since
capitalized items are depreciated over a
period of years rather than expensed in
the current period.

83

Employee Fraud
1) Capital expenditures may be expensed
The privately owned business may want to
minimize its net income due to tax issues, or to
increase earnings in future periods.
c. Returns and Allowances and Warranties
A certain percentage of products sold will, be returned. In
warranty liability fraud, the liability is either omitted or
substantially understated.
d. Warning Signs of Possible Liability & Expense Fraud
1) Recurring negative cash flows from operations or
an inability to generate cash flows from operations
while reporting earnings and earnings growth
2) Assets, liabilities, revenues, or expenses based on
significant estimates that involve subjective
judgments or uncertainties that are difficult to
corroborate

84

45
Employee Fraud
3. Nonfinancial management’s excessive participation
in or preoccupation with the selection of accounting
principles or the determination of significant
estimates
4. Unusual spike in gross margin or margin in excess of
industry standards
5. Allowances for sales returns, warranty claims that
are decreasing in percentage terms or are out of line
with industry standards
6. Unusual decrease in the number of days purchases in
accounts payable
7. Reducing accounts payable reduction while the
industry is delaying payments to vendors

85

Employee Fraud
5. Improper Disclosures
Improper disclosures associated with financial statement fraud will
typically involve the following: Liability Omissions, Subsequent
Events, Management Fraud, Related-Party Transactions, and
Accounting Changes.
a. Liability Omissions
Omissions include the failure to disclose loan covenants or contingent
liabilities. These agreements usually contain various types of covenants
including certain financial ratio limits and restrictions.
b. Subsequent Events
Violators ill fail to disclose court judgments and regulatory decisions
that adversely effect the reported values of assets, that indicate
unrecorded liabilities, or that negatively reflect upon management.
c. Management Fraud
Management has the responsibility to disclose to the shareholders
significant fraud committed by officers, executives, and others in
positions of trust. Failure to disclose such information from auditors
would involve lying to auditors, an illegal act in itself.
d. Related-Party Transactions
There is nothing inherently wrong with related-party transactions,
however they must be fully disclosed.

86

46
Employee Fraud
e. Accounting Changes
Violators will fail to restate financial statements or disclose the
cumulative effect of a change in accounting principle made, simply to
improve earnings. They will fail to disclose significant changes in
estimates such as:
1) Depreciable assets’ useful lives and estimated salvage values
2) Estimates of warranty
3) Change the reporting entity.
f. Warning Signs of Possible Disclosure Fraud
1) Domination of management by a single person or small group (in
a nonowner-managed business) without compensating controls
2) Ineffective board of directors or audit committee oversight over
the financial reporting process and internal control
3) Ineffective communication, implementation, support, or
enforcement of the entity’s values or ethical standards by
management or the communication of inappropriate values or
ethical standards
4) Rapid growth or unusual profitability, especially compared to
that of other companies in the same industry
5) Significant, unusual, or highly complex transactions, especially
those close to period end that pose difficult “substance over form”
questions

87

Employee Fraud
6) Significant related-party transactions not in the ordinary
course of business or with related entities not audited or
audited by another firm
7) Significant bank accounts or subsidiary or branch operations
in tax-haven jurisdictions for which there appears to be no
clear business justification
8) Overtly complex organizational structure involving unusual
legal entities or managerial lines of authority
9) Known history of violations of securities laws or other laws
and regulations, or claims against the entity, its senior
management, or board members alleging fraud or violations
of laws and regulations
10) Recurring attempts by management to justify marginal or
inappropriate accounting on the basis of materiality
11) Formal or informal restrictions on the auditor that
inappropriately limit access to people or information or the
ability to communicate effectively with the board of directors
or audit committee

88

47
 Fraud: The Issues
Fraud: The CPA’s Responsibility
Employee Motives for Committing Fraud
Employee Fraud
Prevention of Financial Statement Fraud

89

Prevention of Financial Statement Fraud

V.Preventing Financial Statement Fraud

The 1999 COSO study indicated that either the CEO or the CFO
was involved in 83% of the financial statement frauds studied.
Individuals with high level management positions can use
their authority to override most internal controls, so those
controls can be of limited value in preventing financial
statement fraud. A CPA’s approach to reducing financial
statement fraud is:
i. Reduce pressures
ii. Reduce the opportunity
iii. Reduce rationalization

90

48
Polling Question #6
In your opinion, should SOX have adopted the COSO-Internal
Control/Integrated Framework:
A. Yes, this framework is the “best practices” standard
B. Yes, however, there should be modifications made
C. No, this standard is too high
D. No, there are better standards internationally that should be considered

90a

Prevention of Financial Statement Fraud

A. Reduce pressures
1. Directors and officers should “set the tone”
2. Avoid setting unreasonable financial targets
3. Avoid applying excessive pressure on employees to
achieve goals
4. Adjust goals when market conditions change
5. Establish fair compensation systems
6. Discourage excessive external expectations of future
corporate performance
7. Remove operational obstacles blocking effective
performance

91

49
Prevention of Financial Statement Fraud
B. Reduce the opportunity
1. Maintain strong internal controls
2. Monitor the business transactions and interpersonal relationships
of suppliers, buyers, purchasing agents, sales representatives, and
others
3. Establish a physical security system to secure company assets,
4. Maintain segregation of duties
5. Human resources should have accurate personnel records
including background checks on new employees
6. Establish strong supervision within groups to enforce accounting
procedures
7. Establish clear and uniform accounting procedures with no
exception clauses

92

Prevention of Financial Statement Fraud

C. Reduce rationalization
1. Promote good values and integrity within the organization
2. Clearly define prohibited behavior with respect to accounting and
financial statement fraud
3. Provide regular training to all employees
4. Establish confidential reporting systems to communicate problems
5. Senior executives must communicate to employees that integrity is
a priority
6. Management practices and sets an example by promoting honesty
in the accounting area
7. The consequences of violating the rules and the punishment of
violators should be communicated clearly

93

50
 Polling Question:
• Which is your preference?
A. Questions.
B. Comments.
C. Just give me my CPE Certificate!

94

51