You are on page 1of 32

Chapter 3

Ethics, Fraud, and Internal


Control

Accounting Information Systems, 3rd edition


James A. Hall

Lecturer: Abdisalam Ali Mahdi

COPYRIGHT © 2001 Thomson South-Western, a part of The Thomson Corporation. Thomson, the Star logo, and South-
Western are trademarks used herein under license
Irwin/McGraw-Hill © The McGraw-Hill Companies, Inc., 1999
Business Ethics
The Role of Management in Maintaining the Ethical Climate

Organization Managers must create and maintain an


appropriate ethical atmosphere; they must limit the
opportunity and temptation for unethical behavior
within the firm.
The individual must be made aware of the firm’s
commitment to ethics above short-term increases in
profit and efficiency.

2
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Business Ethics
Ethical Development

Most individuals develop a code of ethics as a result


of their family environment , formal education, and
personal experiences.
Behavioral stage theory suggests that we all go
through several stages of moral evolution before
settling on one level of ethical reasoning.

3
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Behavioral Stage Theory

Stage 6 Ethical
Principle
Orientation

Stage 5 Social contract


Orientation

Stage 4 Authority Orientation

Stage 3 Good Boy/Girl Orientation

Stage 2 Reward Orientation

Stage 1 Punishment Orientation

4
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Business Ethics

Every ethical decision has both risks and benefits.


Example: implementing a new computer-based
information system in an organization may cause
some employees to lose their jobs, while those who
remain enjoy the benefit of improved working
conditions.
Seeking a balance between these consequences is
the managers’ ethical responsibility.

5
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
The following ethical principles provide some
guidance in the discharge of this responsibility:

1. Proportionality: The benefit from a decision must


outweigh the risks.
2. Justice: The benefits of the decision should be
distributed fairly to those who share risks.
3. Minimize Risks: the decision should be
implemented so as to minimize all of the risks and
avoid any unnecessary risks.

6
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Fraud and Accountant
Fraud- denotes a false representation of a material fact
made by one party to another party with the intent to
deceive and induce the other party to justifiably rely
on the fact on his or her detriment.
Conditions:
1. False represntation
2. Material fact
3. Intent
4. Justifiable Reliance
5. Injury or loss

7
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Fraud- in the business environment has amore
specialized meaning. It is an intentional deception,
misappropriation of a company’s assets, or
manipulation of its financial data to the advantage of
the perpetrator.

1. Employee Fraud
2. Management Fraud.

8
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Why Fraud Occurs

Fire needs...

Oxygen Fuel

Spark
9
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Why Fraud Occurs

What are the 3 prerequisites of fraud?

10
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Why Fraud Occurs

Situational
Available
Pressures
Opportunities
an employee is
poor internal
experiencing
controls
financial difficulties

Personal Characteristics
personal morals of individual employees
11
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Employee Fraud
Committed by?
non-management personnel
Usually consists of:
an employee taking cash or other assets
for personal gain by circumventing a
company’s system of internal controls

12
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Management Fraud
It is perpetrated at levels of management above
the one to which internal control structure
relates.
It frequently involves using the financial
statements to create an illusion that an entity is
more healthy and prosperous than it actually is.
If it involves misappropriation of assets, it
frequently is shrouded in a maze of complex
business transactions.
13
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Fraud Schemes

Three categories of fraud schemes


according to the Association of Certified
Fraud Examiners:
A. Fraudulent statements
B. Corruption
C. Asset misappropriation

14
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
A. Fraudulent Statements

Misstating the financial statements to


make the copy appear better than it is
Usually occurs as management fraud
May be tied to focus on short-term
financial measures for success
May also be related to management bonus
packages being tied to financial
statements

15
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
B. Corruption
Examples:
 Bribery
 Illegal gratuities
 Conflicts of interest
 Economic extortion

16
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
C. Asset Misappropriation
Most common type of fraud and often occurs
as employee fraud.
Examples:
1. Making charges to expense accounts to
cover theft of asset (especially cash)
2. Lapping: using customer’s check from one
account to cover theft from a different account
3. Transaction fraud: deleting, altering, or
adding false transactions to steal assets

17
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Internal Control Objectives
According to SAS No. 78
1. safeguard assets of the firm
2. ensure accuracy and reliability of
accounting records and information
3. promote efficiency of the firm’s operations
4. measure compliance with management’s
prescribed policies and procedures

18
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Exposures of Weak Internal
Controls [=Risk!]
destruction of __________
the asset

theft of _____________
the asset

corruption of______________________
the information system
disruption of______________________
the information system
19
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Undesirable Events

Preventive Preventive Preventive Preventive

Levels
of
Detective Detective Detective
Control

Corrective Corrective Corrective

Irwin/McGraw-Hill © The McGraw-Hill Companies, Inc., 1999


Auditing Standards

Auditors are guided by GAAS (Generally Accepted


Auditing Standards)
3 classes of standards
 general qualification standards
 field work standards
 reporting standards
For specific guidance, auditors use the AICPA’s
SASs (Statements on Auditing Standards)

21
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
SAS No. 78
Describes the relationship between the firm’s
internal control structure,
auditor’s assessment of risk, and
the planning of audit procedures
How do these three interrelate?

The weaker the internal control structure, the higher the assessed
level of risk; the higher the risk, the more auditor procedures applied
in the audit. AIS is particularly concerned with the internal control
structure. 22
Irwin/McGraw-Hill © The McGraw-Hill Companies, Inc., 1999
Five Internal Control Components:
SAS No. 78

1. control environment
2. risk assessment
3. information and communication
4. monitoring
5. control activities
23
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
1: The Control Environment

integrity and ethics of management


organizational structure
role of the board of directors and the audit
committee
management’s policies and philosophy
delegation of responsibility and authority
performance evaluation measures
external influences--regulatory agencies
policies and practices managing human
resources
24
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
2: Risk Assessment
identify, analyze, and manage risks
relevant to financial reporting (e.g.):
 changes in external environment
 significant and rapid growth that strain
internal controls
 new product lines or activities with which
the organization has little experience.
 changes in accounting policies

25
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
3: Information and Communication
The AIS should produce high quality
information which
identifies and records all valid transactions

 provides timely information in appropriate


detail to permit proper classification and
financial reporting
 accurately measures the financial value of
transactions, and
 accurately records transactions in the time
period in which they occurred
SAS 78 requires that auditors obtain sufficient
knowledge of the organization’s information
system 26
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
4: Monitoring
The process for assessing the quality of
internal control design and operation.

This may be accomplished by


(1) separate procedures--test of controls by internal
auditors
(2) Ongoing activities

27
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
5: Control Activities
Policies and procedures to ensure that the
appropriate actions are taken in response to
identified risks
 (1) IT controls and (2) Physical controls.
IT Controls: relate specifically to the computer
environment.
 General controls: controls over the data center,

organization databases, systems development,


and program maintenance.
 Applications controls: ensure the integrity of
specific systems such as sales order processing,
accounts payable, and payroll applications
28
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
 Physical controls: relates primarily to the human
activities employed in accounting systems.

There are six categories of physical control


activities:
 Transaction authorization,
 Segregation of duties,
 Supervision,
 Accounting records,
 Access control, and
 Independent verification.

29
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Segregation of Duties

In manual system, separation between:


 authorizing and processing a transaction
 custody and recordkeeping of the asset

30
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Transaction Authorization
used to ensure that employees are carrying
out only authorized transactions
Authorizations may be general (everyday
procedures) or specific (non-routine
transactions).
Supervision
a compensation for lack of segregation;

31
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill
Accounting Records
provide an audit trail
Access Controls
help to safeguard assets by restricting physical
access to them
Independent Verification
are independent checks of the accounting system
to identify errors and misrepresentations
 Reviewing batch totals
 Reconciling subsidiary accounts with control
accounts
 Comparing physical assets with accounting records.

32
© The McGraw-Hill Companies, Inc., 1999
Irwin/McGraw-Hill