2016 CBI Study Guide - Module 3 - 16a

CPA PROGRAM
CONTEMPORARY
BUSINESS ISSUES
MODULE 3
Version 16a
Published by Deakin University, Geelong, Victoria 3217 on behalf of CPA Australia Ltd,
ABN 64 008 392 452
First published July 2010, updated January 2011, July 2011, revised January 2012,
reprinted with amendments July 2012, revised January 2013, reprinted with amendments July 2013,
revised January 2014, reprinted July 2014, second edition January 2015, updated January 2016.
© 2010–2016 CPA Australia Ltd (ABN 64 008 392 452). All rights reserved. This material is owned or
licensed by CPA Australia and is protected under Australian and international law. Except for personal and
educational use in the CPA Program, this material may not be reproduced or used in any other manner
whatsoever without the express written permission of CPA Australia. All reproduction requests should be
made in writing and addressed to: Legal, CPA Australia, Level 20, 28 Freshwater Place, Southbank, VIC 3006
or legal@cpaaustralia.com.au.
This is an electronic version of the printed study material. Apart from any fair dealing (e.g. for the purposes
of private study) as permitted under the Copyright Act 1968 (Cwlth), no part of this material may be
copied, scanned, transmitted, distributed or reproduced in part or in whole without the permission of
CPA Australia Ltd.
Edited and designed by DeakinPrime

Printed by Blue Star Print Group
ISBN 978 0 7300 0036 5
Authors
Terence Brooks Manager of the Forensic Investigation Unit,
Professional Standards Command of Victoria Police
Courtney Clowes Director, KnowledgEquity
Keith De La Rue Independent Consultant, Speaker and Director, AcKnowledge Consulting
Dr Jane Hamilton Independent Consultant
Marina Kelman General Manager, Mergers and Acquisitions, National Australia Bank
Dr Hayat Khan Lecturer, La Trobe University
Dr Julie Margret Senior Lecturer, La Trobe University
Dean Newlan Consultant to McGrathNicol Forensic
Roger Simnett Professor, University of New South Wales
Dr Siri Terjesen Assistant Professor, Indiana University, USA
2016 updates
Terence Brooks Manager of the Forensic Investigation Unit,
Professional Standards Command of Victoria Police
Keith De La Rue Independent Consultant, Speaker and Director, AcKnowledge Consulting
Susan Jones Founder, Ready Set Startup and Lecturer in Entrepreneurship,
Swinburne University of Technology
Dr Hayat Khan Lecturer, La Trobe University
Dr Tehmina Khan Lecturer, RMIT University
Dr Rahat Munir Senior Lecturer, Macquarie University
Dean Newlan Consultant to McGrathNicol Forensic
Acknowledgments
George Apostolos Senior Forensic Accountant, ASIC
Betty Ferguson Consultant
Dr Dean Hanlon Senior Lecturer, Monash University
Professor Karen Jansen Senior lecturer, Australian National University
Tui McKeown Senior Lecturer in the Department of Management, Monash University.
Dr Áron Perényi Lecturer, Swinburne University of Technology
Advisory panel
Desley Ward CPA Australia
Dianne Harvey Latrobe University
Gavin Ord CPA Australia
John Purcell CPA Australia
Sarah Scoble CPA Australia
Stephen Zigomanis 72 Financial
Terence Brooks Victoria Police
CPA Program team
Kerry-Anne Hoad Alisa Stephens Sarah Scoble
Kristy Grady Yvette Absalom Belinda Zohrab-McConnell
Desley Ward Nicola Drury
Kellie Hamilton Elise Literski
Educational designer
Jan Williams DeakinPrime
Acknowledgment
All legislative material is reproduced by permission of the Office of Parliamentary Counsel, but is not the official or authorised version. It is
subject to Commonwealth of Australia copyright. The Copyright Act 1968 permits certain reproduction and publication of Commonwealth
legislation. In particular, s. 182A of the Act enables a complete copy to be made by or on behalf of a particular person. For reproduction
or publication beyond that permission by the Act, permission should be sought.
These subject materials have been designed and prepared for the purpose of individual study and should not be used as a substitute for
professional advice. The materials are not, and are not intended to be, professional advice. The materials may be updated and amended
from time to time. Care has been taken in compiling these materials but may not reflect the most recent developments and have been
compiled to give a general overview only. CPA Australia Ltd and Deakin University and the author(s) of the material expressly exclude
themselves from any contractual, tortious or any other form of liability on whatever basis to any person, whether a participant in this subject
or not, for any loss or damage sustained or for any consequence which may be thought to arise either directly or indirectly from reliance
on statements made in these materials.
Any opinions expressed in the study materials are those of the author(s) and not necessarily those of their affiliated organisations,
CPA Australia Ltd or its members.
Extracts used from International Accounting Standards are Copyright © International Accounting Standards Committee Foundation.
CONTEMPORARY BUSINESS ISSUES
Module 3
BUSINESS CRIME: INVESTIGATION,
DETECTION AND PREVENTION
TERRY BROOKS AND DEAN NEWLAN
198 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Contents
Preview 199
Introduction
Objectives
Teaching materials
An overview of forensic accounting 200
Emergence of forensic accounting as a separate discipline
Forensic accounting roles
APES 215 Forensic Accounting Services
Summary
Business crime 204
Defining business crime
Workplace fraud
Externally instigated fraud
Financial statement fraud
Bribery and corruption (local)
Bribery and corruption (international)
Money laundering
Insider trading
Summary
The forensic accountant’s role in investigating business crime 224
Overview
Conducting a business crime investigation
Phase 1: Briefing
Phase 2: Planning and resourcing
Phase 3: Building a profile of the ‘person/s of interest’
Phase 4: Gathering and securing evidence
Phase 5: Analysing evidence
MODULE 3
Phase 6: Reporting
Diagrammatic representation of investigative evidence
Summary
Detecting business crime 245
Overview
Recognising typical symptoms of fraud
The use of financial statement analysis and other analytical methods
Using information technology tools (data analytics)
Summary
Preventing business crime 251
The Australian standard for fraud and corruption control
Principles of fraud prevention
Assessing fraud and corruption risk
The importance of a robust internal control environment
Fraud and corruption control planning
Specific anti-bribery and corruption (‘ABC’) measures
Summary
Review 261
Suggested answers 263
References 273
Optional reading
Study guide | 199
Module 3:
Business crime:
Investigation, detection
and prevention
Study guide
MODULE 3
Preview
Introduction
Businesses face an increasing level of threat from fraud (both by employees and external parties),
corruption and a range of other business crimes. A recent survey, Overcoming Compliance
Fatigue—13th Global Fraud Survey (Ernst & Young 2014), benchmarks business crime trends
across 59 countries through interviews with 2700 business executives. The survey identified not
only fraud in significant volumes but also cybercrime, bribery, corruption and a range of other
illegal and unethical behaviours.
Against this background, there is a growing demand for skilled accountants who are able to
assist victims in the investigation of crimes against their organisations and who can support
law enforcement agencies in the investigation and prosecution of business crime offenders.
The service they provide is a major component of what has become known as ‘forensic
accounting’, a term that has gained increasing acceptance and recognition within the
business community since the early 1990s.
While the loss of stolen property (whether money or other tangible assets) is relatively easy
to quantify once the crime has been detected, the financial impact of many other types
of business crimes is not so easily quantified. The total cost of business crime is therefore
largely hidden. While we can estimate losses due to fraud (from fraud cases actually
detected), we cannot know the full financial effect of sabotage, intellectual property (IP) theft,
unauthorised system access, corruption, insider trading, money laundering, tax evasion,
misuse of position and so on. In some cases, the victim organisation may not even be aware
that it has been the target of a business crime and, indeed, losses are difficult to assess even
when a crime of this nature has been detected.
In this module, we will discuss a selection of the more commonly encountered business crimes
and, in particular, the various forms of fraud and corruption against business, government
agencies and the not-for-profit sector. The module covers planning and executing a business
crime investigation, preparing a forensic accounting report and how such a report may be
presented in court in ways that make clear the outcome of the work that has been done.
Reference is made to APES 215 Forensic Accounting Services, a standard issued by the
Accounting Professional & Ethical Standards Board (APESB).
There is also discussion on the increasingly important area of ‘forensic technology’. While this
specialist activity is likely to be beyond the skills and technical capability of many forensic
accountants, the discussion is included on the basis that there is an increasing number of
cases where digital evidence is critical to the success of a business crime investigation. It is
important for the forensic accountant to be able to communicate effectively with the forensic
technology specialist in order that they can jointly maximise the evidentiary value of electronically
stored information.
Finally, the module addresses how business crime is detected and how it can be prevented.
Reference is made to the Australian Standard AS 8001–2008 Fraud and Corruption Control,
an important source of guidance in the control of fraud and corruption.
Objectives
On completing this module you should be able to:
• explain the concept of ‘forensic accounting’;
• discuss the role of the forensic accountant in investigating, detecting and preventing
MODULE 3
business crime;
• discuss the fundamental principles of fraud detection;
• describe and contrast a range of categories of business crime;
• describe the methods commonly used in financial statement fraud;
• describe the regulatory environment in which forensic accountants operate; and
• discuss the principles of risk management and apply those principles to the management
of business crime risk.
Teaching materials
• Relevant professional guidance
AS 8001–2008 Fraud and Corruption Control
An overview of forensic accounting

Emergence of forensic accounting as a separate discipline
In some ways, forensic accounting is not a new concept. According to Arnold Shields (2009),
archaeological evidence shows that, as far back as 3500 to 3300 BC, the scribes of ancient Egypt,
who were the accountants of their day, were involved in preventing and detecting fraud.
Fast-forwarding to the 19th century, the relationship between the accounting discipline and the
legal profession was established as a necessary outcome of more complex business interactions.
Moving into the 20th century, forensic accounting became more prominent when accountants
started acting as expert financial witnesses in legal proceedings.
Study guide | 201
Perhaps the most famous early example of forensic accounting is that of Elmer Irey, an accountant
with the US Internal Revenue Service, who in the 1930s worked behind the scenes to secure a
conviction against the gangster Al Capone for tax evasion (Shields 2009). Irey was head of the
Special Intelligence Unit at the Treasury Department and assigned one of his special agents,
Frank Wilson, to investigate Capone for tax evasion. This was a formidable task as Capone had
never submitted an income tax return and did not have a bank account. Capone lived opulently,
but did not own property in his name and transacted all his business affairs in cash. He was,
apparently, a difficult man to bring to justice.
Figure 3.1: Elmer Irey and Frank Wilson
MODULE 3
Sources: Library of Congress 2015, ‘Elmer L. Irey, Chief, [Intelligence] Unit, Bureau of Internal Revenue,
9/15/39’, accessed July 2015, http://www.loc.gov/pictures/item/hec2009013966. Library of Congress,
Prints and Photographs Division, photograph by Harris & Ewing, reproduction number: LC-DIG-hec-27268.
Library of Congress 2015, ‘Bosses, U.S. Secret Service, Washington, DC, June 11. A new informal picture of
Frank J. Wilson, Chief of the United States Secret Service, made in his office at the Treasury Department’,
accessed July 2015, http://www.loc.gov/pictures/item/hec2009015485. Library of Congress, Prints and
Photographs Division, photograph by Harris & Ewing, reproduction number: LC-DIG-hec-28788.
The success of this task led to the US Internal Revenue Service recognising the need for and
indeed the value of having investigators trained in financial investigation. To this end, this agency
has produced a number of handbooks and manuals designed specifically to build skills in
financial investigations.
The term ‘forensic accountant’ was reportedly first used by Maurice E. Peloubet in 1946,
although others have claimed the accolade. Max Lourie in 1953 and Robert Lindquist in 1986
declared they invented the term, and G. Kessler later claimed to be the first forensic auditor
(Crumbley & Apostolou 2007).
There is an ever-increasing demand for full-time and part-time forensic accounting practitioners
to perform a variety of tasks. One of the increasingly important roles of forensic accountants is
the investigation of business crime and this is the main focus of this module.
Forensic accounting roles

Table 3.1 outlines the variety of roles that can be undertaken by a forensic accountant in
delivering services across three broad categories:
1. dispute advisory;
2. business crime investigation; and
3. forensic technology.
The roles occur at two distinct levels:

1. reactive; and
2. proactive.
Table 3.1: Forensic accounting roles
Business crime
Dispute advisory investigation Forensic technology
Reactive • Negligent act • Interview of suspects/ • Data recovery

or omission witnesses • Analysis of
• Breach of contract • Funds tracing/recovery complex data
• Misleading and • Discovery • Email monitoring
deceptive conduct • Computerised charting • Social media
• Trademark infringement • Quantification of loss monitoring
• Business valuation • Tactical advice • Tactical advice
• Tactical advice • Expert witness • Expert witness
• Expert witness
Proactive • Dispute avoidance • High level of risk • Data mining

• Assistance in mediation assessment • Penetration testing
• Detailed risk • Information systems
assessment risk assessment
• Fraud control planning
• Integrity benchmarking
Source: CPA Australia 2015.
Forensic accountants play a key role in identifying and investigating business crime. In the
typical case, they may be engaged by a business crime victim to locate, collate and analyse
evidence, identify perpetrators, prepare evidence for use in legal proceedings, quantify the loss
suffered and give expert testimony on what they have found. Increasingly, forensic accountants
MODULE 3
are engaged by clients to conduct an investigation that many would assume to be the role of
the police or other law enforcement agency. This will mean that they will be required not only
to analyse financial evidence provided to them at the commencement of their work, but also to
actually go out and gather the evidence on behalf of their client.
It is an unfortunate fact that the pervasiveness of business crime and the continuing increases in
other complex criminal activity demand more and more resources of law enforcement agencies.
Law enforcement no longer has the capability to investigate every business crime reported to
them as it once did. This will mean increasing opportunities for forensic accountants who will,
in effect, be engaged to step in and do a job once delivered by the state—the investigation
of criminal conduct within business. Ultimately, the prosecution, if there is to be a prosecution,
will be pursued by the state but it will be based largely on the work of forensic accountants who
are engaged and paid by the victim.
Forensic accountants can also be employed by law enforcement and other government agencies
to assist in investigations, particularly with a view to presenting a case in the criminal jurisdiction.
They can also be used for matters in civil proceedings. In Australia, the Australian Federal Police,
the state police services, ASIC, the Australian Taxation Office, the various anti-corruption bodies
around the country and a range of other regulators all have teams of forensic accountants who
provide a vital service in linking complex financial evidence to the conduct of business criminals.
Study guide | 203

The Accounting Professional and Ethical Standards Board (APESB) commenced consultation with
members of the forensic accounting community in 2007 with a view to redeveloping the existing
APESB pronouncements dealing with the forensic accounting discipline. Following a period of
consultation, APESB issued APES 215 Forensic Accounting Services in December 2008 to take
effect from 1 July 2009.
Since that time there has been a number of revisions to APES 215, the most recent resulting
in the reissue of the standard in December 2013 with effect from 1 April 2014. The revisions to
APES 215 have been made to increase clarity and provide additional guidance for practitioners
to enable them to make decisions on such things as the type of forensic service they are
intending to provide and the difference between facts, assumptions and opinions.
Compliance with APES 215 is mandatory for members of CPA Australia when carrying out
forensic accounting assignments.
APES 215 covers the fundamental responsibilities of members. These responsibilities include:
• observance of the public interest obligations;
• professional independence;
• professional competence and due care; and
• confidentiality.
APES 215 also sets out rules to be observed in the provision of four defined types of forensic
service, as well as guidance on changes of opinion, quality control and the basis for charging fees.
APES 215 can perhaps be best described as setting out guidance on matters of conduct and
MODULE 3
professional behaviour along with a range of specific rules to be applied in terms of the format
and content of reports prepared.
When reading APES 215, remember that the mandatory requirements are shown in bold black
lettering.
Failure to observe these requirements can lead to disciplinary proceedings against members of
the accounting bodies bound by this standard. In addition, where the forensic accountant has not
prepared a report in accordance with APES 215, the validity of the report could be undermined,
which may then render the report inadmissible in court proceedings. Finally, APES 215 explicitly
states, under section 5.4:
5.4 A Member who is acting as an Expert Witness shall comply with the following:
(a) The paramount duty to the Court which overrides any duty to the Client or Employer;
(b) A duty to assist the Court on matters relevant to the Member’s area of expertise in
an objective and unbiased manner;
(c) A duty not to be an advocate for a party; and
(d) A duty to make it clear to the Court when a particular question or issue falls outside the
member’s expertise.
You should read APES 215 including the appendices, noting both the rules on behaviour and duties
as well as the guidance on content of forensic accounting reports. APES 215 is available at:
http://www.apesb.org.au/uploads/standards/apesb_standards/13092014103232p1.pdf.
See also the CPA Factsheet on APES 215 at: cpaaustralia.com.au/~/media/corporate/allfiles/

document/professional-resources/ethics/apes-215.pdf.
Summary
Forensic accounting is now well established as a separate discipline within the range of services
offered by accounting practitioners. Tertiary education in forensic accounting is increasingly
offered by universities and colleges while a growing number of second tier and boutique
accounting firms, in addition to the ‘Big 4’, now have specialist forensic divisions that are
capable of carrying out complex business crime investigations.
Increasingly, forensic accountants are being engaged to fulfil the role previously carried out
by the police or other law enforcement agencies. This work is sometimes necessarily funded
by the victims because the police and other law enforcement agencies have limited financial
capacity to engage external resources.
APES 215 has been issued to assist practitioners when undertaking forensic accounting
engagements. An important aspect of our discussion is that one does not need the label
‘forensic accounting specialist’ to be bound by the provisions of APES 215—any accountant
who is member of a professional body that has adopted this standard (including CPA Australia),
and who is delivering any of the services described in APES 215, is subject to that standard and
must comply with its requirements.
In the next section, the concept of ‘business crime’ is discussed along with the impact it has on
victim organisations.
Business crime
MODULE 3
Defining business crime

In 1939, Dr Edward Sutherland, an American academic considered to be one of the most
influential criminologists of the 20th century, developed the concept of ‘white-collar crime’.
He defined it as ‘a crime committed by a person of respectability and high social status in the
course of his occupation’ (Sutherland 1949, p. 9).
Sutherland contrasted the concept of ‘white-collar crime’ with ‘blue-collar crime’, which he
regarded, in essence, as the ‘crime of the streets’. Sutherland’s assumption was that working
class people, or ‘blue-collar’ workers, would not have access to business and business
systems through employment and, therefore, would not be in a situation where they could
commit ‘white‑collar crime’. This assumption is no longer valid. In the current age, we know
‘blue‑collar’ workers can and do commit what Sutherland previously thought of as exclusively
‘white‑collar’ crime.
Sutherland’s definition of white-collar crime is broad and would include fraud, bribery and
corruption, insider trading, money laundering, tax evasion and other activities covered in
this module.
There is no scholarly definition of ‘business crime’, but ‘business crime’ and Sutherland’s definition
of ‘white-collar crime’ are considered equivalents and are often used interchangeably.
Study guide | 205
For the purposes of this module, business crime can be taken to include:
• theft of an organisation’s assets by an outsider or insider;
• fraudulent claims (insurance, social welfare, grant funding fraud);
• false financial reporting within an organisation;
• false financial reporting to an external party in order to gain an advantage (e.g. to a bank
or other financial institution);
• extortion (making an unwarranted demand for payment under threat);
• damage to an organisation’s property by a competitor in order to disrupt business operations;
• a ‘denial of service’ attack on a business’ website;
• theft of intellectual property belonging to a business;
• unauthorised access to computer systems in order to steal or access intellectual property
or other confidential information;
• corruption of the procurement process;
• taxation crime (income tax evasion and GST fraud);
• fraudulent investment schemes (including ‘Ponzi’ schemes);
• insider trading—taking unfair advantage of information known to the perpetrator but not
known to the market generally; and
• other misuse of position for personal gain.
These activities cost the global business community, governments and the not-for-profit sector
billions of dollars every year. In many instances, not only will the victim entity take civil or other
action to attempt to recover losses arising from business crime, the business crimes set out
above can also result in criminal action against the perpetrators.
Note that crimes listed here involving computing and websites are explained in Module 5;
intellectual property is also further discussed in Module 5.
MODULE 3
There can also be administrative and regulatory consequences for organisations, their directors
and executives for failing to establish robust business crime prevention systems and cultures.
In recent years, corporations, in addition to people within the corporations who initiated
criminal behaviours, have been charged and convicted of criminal offences. In some jurisdictions,
there are legal ramifications for directors and senior executives who condone or tolerate a
culture that creates the preconditions for illegal behaviours.
The concept of fraud as a business crime

Fraud falls within Sutherland’s definition of white-collar crime and within our concept of business
crime as set out previously, but we need a more specific definition. The definition of fraud in
AS 8001–2008 Fraud and Corruption Control is a useful starting point:
Dishonest activity causing actual or potential financial loss to any person or entity including theft
of moneys or other property by employees or persons external to the entity and whether or not
deception is used at the time, immediately before or immediately following the activity. This also
includes the deliberate falsification, concealment, destruction or use of falsified documentation
used or intended for use for a normal business purpose or the improper use of information or
position for personal financial benefit. The theft of property belonging to an entity by a person
or persons internal to the entity but where deception is not used is also considered ‘fraud’ for the
purposes of this Standard (AS 8001–2008, para. 1.7.8).
‘Fraud’, as a legal concept, is not usually found in legislation. It is a generic term used to
describe various criminal behaviours such as:
• theft;
• stealing;
• larceny;
• false pretences;
• obtaining property by deception;
• obtaining a financial advantage by deception;
• making or using a false document; and
• false accounting.
It is noteworthy also that the criminal law varies widely between the Australian states/territories
and federally.
Example 3.1: Jurisdictional differences in criminal law

A procurement manager in an Australian company transfers $350 000 from their employer’s bank
account to their own account, and conceals their actions by submitting falsified invoices for services
that were not provided. This appears to be a straightforward case of workplace fraud.
• In Victoria, the procurement manager would be charged with ‘Theft’ under the Crimes Act 1958 (Vic);
• In New South Wales the procurement manager would be charged with ‘Larceny as a Clerk or
Servant’ under the Crimes Act 1900 (NSW);
• In Queensland the procurement manager would be charged with ‘Stealing as a Clerk or Servant’
under the Criminal Code Act 1899 (Qld); and
• If the procurement manager were employed by a Commonwealth entity, the procurement manager
would be charged with ‘Theft’ under the Criminal Code Act 1995 (Cwlth).
MODULE 3
Also, business crime offences in each state/territory and federally sometimes require quite different
‘elements of proof’ (i.e. the matters that need to be proved to the court in order to convict the accused).
The forensic accountant assisting the police or other law enforcement agency in the investigation
of a business crime therefore needs to be mindful of the criminal jurisdiction objectives of the
investigation and be able to communicate effectively with the law enforcement agency that has
ultimate responsibility for the matter.
A useful classification system for fraud and corruption was developed by Joseph T. Wells and
is included in his book Corporate Fraud Handbook—Prevention and Detection (Wells 2013).
Wells’s classification is divided into the three major components of fraud and corruption as
shown in Figure 3.2.
He proposes two fraud types:

1. asset misappropriation involving, in essence, the theft of the organisation’s assets; and
2. fraudulent statements involving manipulation of business records for some financial gain
or benefit for the perpetrator or another party associated with the perpetrator.
He further proposes corruption as a separate concept to the two fraud types.

Study guide | 207
Figure 3.2: Joseph Wells’s fraud and corruption classification
Asset Fraudulent
Corruption
misappropriation statements
Conflicts Illegal Economic Inventory Non-

Bribery Financial
of interest gratuities extortion Cash and all financial
other assets
Source: Adapted from Wells, J. T. 2013, Corporate Fraud Handbook—Prevention and Detection,
4th edn, Wiley & Sons, Hoboken, New Jersey, p. 1.
Wells (2013) then provides a further breakdown of these three major categories. These more
detailed subclassifications provide a summary of specific transactions or conduct that are
included in each major category. Figure 3.3 shows Wells’s breakdown of ‘asset misappropriation’
as a fraud type showing its various subcategories.
Figure 3.3: Asset misappropriation
Asset
misappropriation
Inventory and
Cash
all other assets
MODULE 3
Fraudulent
Larceny Skimming Misuse Larceny
disbursements
Of cash Refunds Asset req.

Sales Receivables
on hand & other & transfers
From the Write-off False sales

Unrecorded
deposit schemes & shipping
Lapping Purchasing
Other Understated
schemes & receiving
Unconcealed
Unconcealed
larceny
Billing Payroll Expense Check Register

schemes schemes reimbursements tampering disbursements
Shell Ghost Mischaracterised Forged False

company employees expenses maker voids
Non- Commission Overstated Forged False

accomplice schemes expenses endorsement refunds
vendor
Workers’ Fictitious Altered
Personal compensation expenses payee
purchases
Falsified Multiple Concealed
wages reimbursements checks
Authorised
maker
Source: Republished with permission of Wiley & Sons, from; Corporate fraud handbook:
prevention and detection by Wells, Joseph T. 4th ed. 2013, Wiley & Sons, Hoboken, New Jersey, p. 1.
Permission conveyed through Copyright Clearance Center, Inc.
An equivalent breakdown for ‘fraudulent statements’ as a fraud type detailing its subcategories
is given later in this module.
The ‘fraud triangle’

Research shows that the perpetrators of workplace fraud are often trusted employees with no
prior criminal history. People inside an organisation have a significant advantage over external
parties when it comes to perpetrating fraud against a given business—they have the ability
to override or circumvent internal controls while external parties have far greater difficulty in
doing so.
Given the proportion of fraud that is committed by people internal to a business, it is worth
considering the sociological/criminological factors in internally instigated fraud.
In the early 1950s, the ‘fraud triangle’ was developed by Dr Donald Cressey in the United States
as a way of explaining why workplace fraud was on the increase. His initial work was based on
interviews with 133 prisoners who were prepared to admit their involvement in workplace fraud
(known then as ‘embezzlement’).
Cressey (1973) proposed three key factors that must be present, all at the same time, in order for
an employee of a business to commit fraud against their employer:
1. perceived pressure;
2. rationalisation; and
3. perceived opportunity.
Figure 3.4 is a summary of these factors and the elements comprising each factor.
MODULE 3
Figure 3.4: The fraud triangle

re
Ra
• Natural perk of the job

ssu
tio
• Gambling • Organisational culture (everybody does it)

pre
na
• Lifestyle • Example set by senior people

lisa
d
• Greed • Perceived low pay

ve
tio
• Drugs • Organisation can afford it

i
rce
• Financial pressure • Organisation overcharges customers

Pe
• Minimal deterrents
Perceived opportunity
• Internal control
• Poor culture
• Technology
• Remote access
Source: Cressey, D. 1973, Other People’s Money, Patterson-Smith, Montclair, New Jersey, p. 30.
Study guide | 209
For example, someone employed in a lowly paid position in a highly profitable business may
experience an inclination to commit fraud in accordance with the following hypothetical scenario:
• Perceived pressure: the person may have a strong desire to achieve a lifestyle standard that
may have been lost or otherwise denied to them but which they perceive is enjoyed by their
peer group.
• Perceived opportunity: the person has control over or access to assets owned by their
employer (cash, property) and has the knowledge and ability to circumvent internal controls
designed to prevent or defeat fraud.
• Rationalisation: the perpetrator may be able to convince themselves that the amount of
funds fraudulently taken was not material to the business and won’t be missed; indeed,
there ‑is a culture of petty theft within the organisation.
Cressey concluded:
Trusted persons become trust violators when they conceive of themselves as having a financial
problem that is non-shareable, are aware that this problem can be secretly resolved by violation
of the position of financial trust, and are able to apply to their own conduct in that situation
verbalizations which enable them to adjust their conceptions of themselves as trusted persons with
their conceptions of themselves as users of the entrusted funds or property (Cressey 1973, p. 30).
Report to the Nations on Occupational Fraud and Abuse—2014 Global Fraud Study
(Association of Certified Fraud Examiners)
The Association of Certified Fraud Examiners’ (ACFE) Report to the Nations on Occupational
Fraud and Abuse—2014 Global Fraud Study (ACFE 2014) provides a useful overview of the extent
and types of fraud in 103 countries. The report is based on case data provided by ACFE members
(referred to as ‘CFEs’) who actually investigated the reported fraud incidents during the period
MODULE 3
1 January 2012 to 31 December 2013. It is an authoritative report looking at the international
incidence, factors and types of fraud.
The main findings of the report (ACFE 2014) were:

• Respondents reported over 1483 fraud incidents in the study period.
• Survey participants estimate that typical organisations lose 5 per cent of revenues to
fraud annually.
• The median loss per fraud incident was USD 145 000.
• Asset misappropriation is the most common fraud/corruption type (85% of reported incidents).
• 42 per cent of detected frauds are detected through ‘tips’ (reports by employees and parties
external to the organisation) with 51 per cent of cases being identified by tips in organisations
with ‘hotlines’ compared with 33 per cent of cases being identified by tips in organisations
without hotlines.
• Tips from employees account for 49 per cent of tips followed by customers, vendors and
even competitors.
• The presence of anti-fraud controls is associated with reduced fraud losses and short
fraud duration.
• Higher value incidents are associated with a higher-level of authority of the perpetrator.
• Recovery of stolen funds is difficult, with only 14 per cent of the cases reported achieving
full recovery of the funds stolen.
➤➤Question 3.1
Review the ACFE’s (2014) report (http://www.acfe.com/rttn/docs/2014-report-to-nations.pdf)
and make brief notes in relation to the following questions. (Note: See the suggested figures in
the report for each question.)
(a) What is the effect on the loss ultimately suffered by the victim organisation of failing to
detect fraud early? (Figure 9)
(b) What proportion of detected frauds are detected by the external audit process? (Figure 11)
(c) What are the three most common means of fraud detection in your region? (Figure 16)
(d) What sectors suffered the highest rates of fraud? (Figure 22)
(e) What are the most common fraud types in your sector? (Figure 24)
(f) What initiatives do organisations rely on to prevent fraud? (Figure 26)
(g) How would you describe the ‘typical fraudster’? (Figures 40–76)
(h) What role does gender play in workplace fraud? (Figures 57–62 and 74)
You can also access an archive of the ‘Report to the Nations’ to gain a historical view of how fraud has
changed since 1996 (see: http://www.acfe.com/rttn-archive.aspx).
Other estimates of fraud

There have been a number of attempts to estimate the annual loss to fraud. The following is a
selection of some of the estimates of fraud published in recent years.
• In April 2012, the Australian Bureau of Statistics estimated the level of ‘personal fraud’
(defined as credit card fraud, identity fraud and ‘scams’) in the financial year 2010–11 at
MODULE 3
AUD 1.4 billion. It estimated that 1.2 million Australians aged 15 years and over were a victim
of at least one incident of personal fraud in the 12 months prior to interview (ABS 2012).
• The Australian Crime Commission ‘conservatively’ estimates the extent of serious and
organised crime in Australia to be AUD 15 billion annually (ACC 2013).
• The Australian Institute of Criminology reported the annual reporting rate of fraud cases to
the Australian police services in 2011–12 at 430 cases per 100 000 people (AIC 2014).
• In 2009–10, there were 702 941 cases of ‘external’ fraud against the Commonwealth (such as
welfare fraud, tax fraud) involving a loss of more than $495 million (AIC 2014).
• Australian payment cards and cheque fraud collectively increased from 15.0 cents per $1000
in 2012 to 16.9 cents per $1000 in 2013. This included an increase in payment card fraud from
43.6 cents to 48.7 cents in every $1000 transacted in 2013, which represents a total annual
fraud rate of $304 million (APCA 2014).
➤➤Question 3.2
Please access the Australian Institute of Criminology report, Australian Crime: Facts &
Figures: 2013 (AIC 2014), available online at: http://aic.gov.au/publications/current%20series/
facts/1-20/2013.html.
Go to the section ‘Fraud and deception-related crime’ in Chapter 2 (located after Figure 27).
(a) Review Table 5. Has the reported rate of fraud been increasing or decreasing in the last
10 years?
(b) What factors do you think might be effecting a change in reporting rates?
(c) What proportion of detected fraud cases are reported to the police?
Study guide | 211
In the remainder of this section, we examine seven categories of business crime:

1. workplace fraud (internally instigated fraud);
2. externally instigated fraud;
3. financial statement manipulation;
4. bribery and corruption (local);
5. bribery and corruption (international);
6. money laundering; and
7. insider trading.
Workplace fraud
Workplace fraud can involve a range of activities, from small-scale theft of inventory to the
fraudulent misappropriation of many millions of dollars in a complex lending fraud within a
major bank. The increased reliance on computerisation, a reduced emphasis on internal controls,
a more mobile and better-educated workforce and the involvement of organised crime in fraud
have all contributed to increased incidence of workplace fraud.
Every workplace fraud will involve a person closely associated with the business whether they
are acting alone, colluding with a colleague or colluding with an external party. Their position
as a trusted agent of the business provides insiders with opportunities that are not available to
external parties.
As a result, for businesses in most sectors, internal fraud is more common than external fraud.
The major exception to this is the financial services sector (banks and other lenders, insurers and
superannuation funds) where fraud by people external to the business represents a relatively
higher proportion of total fraud incidents than internally instigated fraud.
MODULE 3
The following are examples of workplace fraud:
• False invoicing—creating a false invoice for goods or services not provided, for example
creating a fictitious vendor or using the details of a genuine vendor to the business.
• Payroll fraud—processing payroll for an employee who was never employed by the business
or who was employed but who has since left the business.
• Online banking fraud—manipulating account numbers and redirecting funds to a bank
account controlled by an employee.
• Fraudulently claiming expenditure not incurred for the benefit of the business.
• Purchasing assets in the name of the company but intended for personal use.
• Diversion of sales to another business in which the employee holds an interest.
• Manipulating management reporting to secure a performance bonus.
• Redirecting grant funding intended for the perpetrator’s employer.
• Accounts receivable fraud—diverting receipts to an account controlled by the perpetrator
with subsequent writing off of the receivable.
• Theft of cash received during the course of business and covering the shortfall for a period
of time with subsequent receipts.
Example 3.2: Clive Peeters Ltd

Sonya Causer, the payroll manager of Clive Peeters Ltd, a publicly listed national Australian retailer,
manipulated the company’s online banking system to steal more than AUD 19 million from her employer
over a two-year period. Causer was able to make payments to herself that were made to appear to
be payments to genuine payees in the ordinary course of the company’s business.
In order to transfer funds to herself, she prepared an online banking report that made it appear that
the payments had been ‘locked down’ (and therefore were not capable of further amendment) before
seeking authorisation from another member of staff. Once she had this authorisation, she would get
back into the online banking system and change the destination bank account to one of a number
of accounts controlled by her. To cover her tracks, she covertly processed journal entries to move the
debit value around the general ledger.
Causer was able to steal more than AUD 19 million, which she invested in real estate. She pleaded guilty
in the Supreme Court to 24 counts of theft and was sentenced to a non-parole period of five years.
Justice Forrest said in sentencing:

This is one of the largest, if not the largest, thefts perpetrated by a person in a position of
trust in the history of this State. Notwithstanding the fact that a significant amount has been
repaid, the scale of your embezzlement is significant. You were entrusted by the company to
deal with its funds. Your obligation was to carry out your employment tasks honestly. For a
period of two years, month-in month-out, you grossly abused the trust of your employer.
Source: R v. Causer [2010] VSC 341, accessed October 2015,

http://www.lexcel.com.au/wp-content/uploads/2010/08/R-v-Causer.pdf.
Example 3.3: Chartwell Pty Ltd

MODULE 3
The promoters of Chartwell perpetrated Australia’s biggest ever ‘Ponzi’ fraud in 2007–08 that resulted
in investors losing more than AUD 65 million. Many of the victims lost their life savings. In 2011,
the promoter of the fraud pleaded guilty to 34 charges in the Supreme Court.
The promoter (Graeme Hoy) and another Chartwell executive (Ian Rau) also admitted carrying on
an unlicensed financial services business, engaging in dishonest conduct and dishonestly using a
director’s position to gain an advantage. Justice Forrest in sentencing Hoy noted that ‘98 per cent of
funds received by Chartwell were simply stolen from investors’.
Only AUD 429 000 was ever invested. Justice Forrest said the scale of Hoy’s offending was ‘breath-
taking’. Hoy was sentenced to 13 years and nine months jail for his crimes and Rau two years and
nine months’ jail.
Sources: R v. Hoy [2011] VSC 95 (23 March 2011), accessed October 2015,
http://www.austlii.edu.au/au/cases/vic/VSC/2011/95.html.
R v. Rau [2010] VSC 370 (19 August 2010), accessed October 2015,
http://www.austlii.edu.au/au/cases/vic/VSC/2010/370.html.
Study guide | 213
Externally instigated fraud

Fraud can also be instigated by people external to the organisation. As noted previously,
externally instigated fraud tends to be more common in the financial services sector.
The following are examples of externally instigated frauds:
• Identity fraud including using a manufactured identity created from falsified documents to
apply for a loan from a bank or rolling over superannuation funds into a bogus self‑managed
superannuation fund.
• Lending fraud—using falsified business documentation to make it appear that the borrower
(a genuine person or entity) is in a better financial position than it really is.
• Mortgage lending fraud—using false financial information in order to obtain a mortgage
loan secured by a property that doesn’t exist or is valued at far less than the value of the loan.
• Fraudulently redirecting a customer to make payments for goods or services supplied to a
bogus bank account apparently on the instructions of the vendor who supplied the goods
or services.
• Altering payee details on a cheque and the presenting it into an account that matches
the payee.
Example 3.4: Redirection of funds to a bogus account

A customer received a letter apparently from a long-standing genuine provider of services advising
that banking arrangements had changed. The letter instructed all future electronic funds transfers
were to be directed to a new account held at the same branch of the same bank and in a very similar
account name.
No inquiry as to the bona fides of these instructions (i.e. whether they were genuine) were made and
the next time a payment was made, nearly AUD 5 million was transferred to the bogus bank account.
MODULE 3
The genuine service provider inquired with the customer as to why the payment had not been received
and the fraud was discovered. When the fraud was discovered, inquiries with the bank revealed that a
false account had been established by an organised crime gang using information gained from inside
the service provider. The service provider was able to freeze the false account but not before around
AUD 200 000 had already been transferred to another account out of reach of the service provider.
Police were called in but were unable to locate the offenders.
Financial statement fraud

Financial statement fraud can be defined as:
Manipulation of financial reporting in order to convey a misleading impression of the financial
performance or the financial position of a business entity. The purpose of such manipulation can be
many and varied but it is typically associated with improperly obtaining a financial advantage for
an individual or group of individuals.
Wells’s (2013) fraud classification breaks financial statement fraud into five subcategories
(in effect there are five methods of financial statement fraud):
1. timing differences;
2. fictitious revenues;
3. concealed liabilities and expenses;
4. improper disclosures; and
5. improper asset valuation.
These five elements of financial statement fraud are set out in Figure 3.5.
Figure 3.5: Elements of financial statement fraud
Fraudulent
statements
Financial Non-financial
Overstatement Understatement
of assets/ of assets/
revenue revenue
Timing Timing Employment

differences differences credentials
Fictitious Fictitious Internal

revenues revenue documents
Concealed Concealed External

liabilities/expenses liabilities/expenses documents
Improper Improper
disclosures disclosures
Improper Improper
asset valuation asset valuation
MODULE 3
4th edn, Wiley & Sons, Hoboken, New Jersey, p. 341.
The motivation behind someone wishing to overstate assets or revenue of a business is self-evident
(if intentional and not by mistake) but the concept of deliberately understating assets or revenue
may be harder to understand. There are a number of scenarios in which people may wish to
portray financial performance as less than it actually was, for example, to ensure that revenue
or profitability targets are not exceeded (thereby ensuring reduced budget pressure for the
following financial year) and to reduce taxable income.
Ernst & Young (2014) reported that:

It is clear that fraud at any level of the organisation needs to be tackled. What our survey results
show, however, is that executives at senior levels are as likely to justify certain questionable or
unethical acts as their more junior colleagues. This should be a significant concern given their
ability to override internal controls. Six percent of respondents stated that misstating financial
performance is justifiable in order to survive an economic downturn (Ernst & Young 2014, p. 7).
Table 3.2 is a brief summary of each type of financial statement fraud proposed by Wells (2013).
It also provides some examples and an overview of the warning signs for each type.
Study guide | 215
Table 3.2: Financial statement fraud
Fraud type Definition
Timing differences Recording revenue or expenses in incorrect financial periods in

order to give the impression that the entity or business unit is more
profitable (or less profitable) than it actually is. This will mean that
another accounting period will appear to be less profitable (or more
profitable) than it actually is.
Fictitious revenues Recognition of sales of goods or services or other revenues that

did not occur and which would never or are very unlikely to occur.
May involve writing-off debts as bad that have arisen on the
generation of the fictitious revenue.
Concealed liabilities/expenditure Failing to record expenses incurred by the entity or liabilities owed
by the entity (as distinct from timing differences where the expense
will be recorded in another period).
Improper disclosures Failure to disclose relevant and material financial information or

disclosing false information to users of financial information such as:
lenders, investors, regulators, suppliers or customers.
Improper asset valuation Overvaluing an asset to improve the financial position of the entity.
4th edn, Wiley & Sons, Hoboken, New Jersey.
Example 3.5: Enron
MODULE 3
Enron began its corporate life as a small oil and gas pipeline company in the United States in 1985.
It expanded into brokering and trading electricity and other energy commodities. It then began
aggressive and complex dealings in interest rate margins and manipulating energy prices.
By October 2001, the company was in deep financial trouble, which the company’s executives attempted
to conceal by a complex web of financial statement manipulation, illegal off-balance-sheet transactions
and sham partnerships. By the time investors, employees and the public learned of the company’s
crisis, the downward spiral was unstoppable.
In August 2001, former Vice-President for Corporate Development, Sherron Watkins, warned Enron’s
CEO of impending financial problems based on ‘a wave of accounting scandals’. Two months later,
in October 2001, Enron officials announced that the company was actually worth USD 1.2 billion less
than had previously been reported. The difference was due to USD 586 million in overstated income
and the failure to include all the company’s debts in financial reports.
In December 2001, Enron filed for bankruptcy amid a barrage of questions and accusations. Both Enron’s
top managers and its auditor, Arthur Andersen LLP, came under extreme scrutiny.
A number of top Enron executives were convicted of fraud. In addition to Enron employees,
Arthur Andersen was convicted of obstructing justice; however, the decision was overturned on appeal.
You can read more about the Enron case at: http://finance.laws.com/enron-scandal-summary.
Example 3.6: Sigma Pharmaceuticals Ltd

A typical example of financial statement fraud came before the Victorian County Court in July 2015.
The former Managing Director (Elmo De Alwis) and the former Chief Executive Officer (Mark Smith)
of Sigma Pharmaceuticals Ltd pleaded guilty to falsifying the company’s financial reports in 2009 and
2010 in breach of ss. 1307 and 1309 of the Corporations Act.
The falsifications involved overstating income and inventory values with a consequent overstatement
of profitability. Both also acknowledged that they had misled the company’s auditors.
The court heard that the executives caused Sigma to purchase wholesale pharmaceutical drugs at
inflated prices with part of the price paid being returned to Sigma and recorded as revenue. The effect
of this was an overstatement of reported income by AUD 15.5 million for the year to 30 September 2010.
Source: Adapted from ASIC 2015 ‘15-170MR

Former Sigma CEO and CFO plead guilty to falsifying books’, accessed July 2015,
http://asic.gov.au/about-asic/media-centre/find-a-media-release/2015-releases/15-170mr-former-
sigma‑ceo-and-cfo-plead-guilty-to-falsifying-books.
Financial statement fraud is also covered in detail in the Advanced Audit and Assurance subject
in the CPA Program.
Bribery and corruption (local)

The most overt form of corruption is bribery; however, the two terms ‘corruption’ and ‘bribery’
are often used interchangeably, and often used together as a single concept (‘bribery and
corruption’). Other terms that are commonly used to describe bribery and/or corruption include
‘kick-back’, ‘back-hander’, ‘secret commission’, ‘baksheesh’ and ‘graft’.
MODULE 3
Bribery is the giving or offering of a bribe (and the acceptance or solicitation of a bribe) with
a view to gaining some sort of advantage. An example of bribery is the payment of money
or provision of other services free of charge to a person with the power to make a decision
in relation to a purchase of goods and services in order to win the contract to provide those
goods or services.
Businesses need to consider bribery and corruption at two levels:

1. Businesses must consider the effect of bribery on their local operations—the risk of someone
corrupting the integrity of the business by paying or receiving bribes and the financial effect
on the business if that occurred.
2. Businesses operating offshore may also need to be concerned about the same risks in
other countries as well as complying with anti-bribery legislation in the countries in which
they operate.
Bribery and corruption involves a ‘kickback’ to another person in the context of a current or
possible future business transaction. Its effect is to remove some or all of the ‘competitive
tension’ from a business transaction. This often results in the customer or client paying more
than they otherwise might have for the goods or services. Often, the bribe paid is funded by
the increased price for the supply of goods or services with the effect that the employer of
the bribe receiver actually funds the bribe payments.
Study guide | 217
The definition of corruption in AS 8001–2008 (para. 1.7.4) is:

Dishonest activity in which a director, executive, manager, employee or contractor of an entity
acts contrary to the interests of the entity and abuses his/her position of trust in order to achieve
some personal gain or advantage for him or herself or for another person or entity. The concept
of ‘corruption’ within this standard can also involve corrupt conduct by the entity, or a person
purporting to act on behalf of and in the interests of the entity, in order to secure some form of
improper advantage for the entity either directly or indirectly.
Real-life examples of bribery and corruption include:

• payment of cash to a procurement manager in order to win a competitive bid for delivery
of products or services;
• construction of a building project (e.g. house extension, garage, driveway) for a project
manager free of charge or at a reduced rate in order to influence the project manager into
approving work that is of marginal quality; and
• offering alcohol to an employee with access to confidential information in exchange for
client or customer information drawn from a database (e.g. an officer of a vehicle registration
authority providing information that is not normally available to the public).
Example 3.7: Bribery in the manufacturing sector

The procurement manager of a New Zealand-based manufacturer was responsible for awarding
smaller contracts for construction projects and maintenance of the company’s facility. The manager
was authorised to award these contracts to the lowest of three quotations for the work specified.
On several occasions over a three-year period, the procurement manager awarded minor one-off
construction and maintenance work to the same maintenance provider to a total value of around
MODULE 3
NZD 2.5 million. In each case the provider submitted the lowest quotation. The procurement manager
therefore awarded the work to the same contractor on each occasion as it provided the best value
for money.
Investigations uncovered email exchanges between the procurement manager and the principal of
the provider which indicated that the procurement manager routinely indicated the ‘price to beat’
after the other quotations had been received. It was later found that the provider had undertaken a
number of construction projects, free of charge, at a rural property owned by the procurement manager,
including construction of a farm shed and concreting.
Inquiries with other providers who had submitted quotations to the manufacturer revealed that they
would no longer submit quotations as they had heard rumours that one contractor was receiving
favoured treatment.
The procurement manager was dismissed and the maintenance provider was removed from the
company’s approved list of suppliers.
Example 3.8: Operation Fitzroy

Corruption within the public sector is often more visible than within the private sector and is often
subject to more media debate and public comment. This is probably due to a perception that public
sector corruption results in the waste of public money. There have been many cases of alleged public
sector corruption that have been subject to public hearings by Australian anti-corruption bodies using
powerful provisions of their enabling legalisation.
‘Operation Fitzroy’ was one such case. The Independent Broad-based Anti-corruption Commission
(IBAC) conducted an investigation into alleged corruption within the Victorian Department of Transport
between 2006 and 2013. The investigation and public hearings conducted in late 2014 resulted in nine
people being charged with more than 100 ‘alleged offences’ including:
• conspiracy to cheat and defraud;
• obtaining financial advantage by deception;
• misconduct in public office;
• giving and receiving secret commissions; and
• furnishing false information.
The defendants attended court in July 2015 and their case is due to proceed as a ‘complex fraud
committal’.
Source: Adapted from IBAC 2015, ‘IBAC charges nine over alleged transport corruption’,
accessed July 2015, http://www.ibac.vic.gov.au/news-and-features/article/ibac-charges-nine-over-
alleged-transport-corruption. IBAC 2014, ‘Operation Fitzroy’, accessed September 2015,
http://www.parliament.vic.gov.au/file_uploads/WEB_PDF_-_Operation_Fitzroy_special_
report_-_20141027_C6KR27wt.pdf. Australian Broadcasting Commission 2015, ABC News,
‘IBAC probe: Nine men charged over alleged Public Transport Victoria fraud ring granted bail’,
accessed November 2015, http://www.abc.net.au/news/2015-07-06/nine-men-bailed-over-alleged-
public-transport-fraud-ring-by-ibac/6598014.
MODULE 3
Bribery and corruption (international)

International anti-corruption advocate, Transparency International, believes that corruption
is the most critical barrier to worldwide economic development and growth. According to
the World Bank, the total cost of bribery is approximately USD 1 trillion per year (World Bank
& United Nations 2011). This estimate includes bribes paid:
• by businesses to keep their firms operating;
• to get favourable procurement decisions; and
• by users of public services.
Bribery prevents economies from functioning efficiently. No economy is immune to bribery.

However, there can be difficulties in recognising bribes due to differences in perception.
For example, is an extravagant dinner for a potential contract-awarding authority officer a
bribe or simply building a business relationship? The line between the two is often blurred and
difficult to determine. In some contexts such an action might be deemed merely honouring
a social commitment; in others contexts, the same action could be seen as a bribe.
Study guide | 219
Example 3.9: AWB Ltd

Established in 1939, the Australian Wheat Board was privatised as AWB Ltd in 1999. The organisation
operated as a monopoly (a single buyer of a product from a large number of sellers). Australian
farmers sold their wheat to the AWB, which then sought to achieve the highest price internationally
for Australian wheat.
In 1990, the United Nations (UN) placed a trade and financial embargo on Iraq after it invaded Kuwait.
The sanctions were intended to stop military escalation in Iraq by weakening the Iraqi economy.
The action was successful, but led to immense food shortages and a humanitarian crisis throughout
the country. In 1995, the UN responded with the Oil-for-Food Programme that permitted Iraq to
sell oil for humanitarian supplies (food, medicine and other such necessities). Seemingly, from 1999,
bribery and extortion were widespread throughout Iraq.
The AWB contravened the UN Oil-for-Food Programme. By 2005, it was discovered that the AWB
had paid kickbacks in excess of USD 220 million to the Iraqi regime for increasingly beneficial wheat
contracts. At the end of the UN Oil-for-Food Programme, several subsequent investigations determined
that the Iraqi regime had obtained in excess of USD 1.7 billion from numerous companies in different
countries through fraudulent activities such as kickbacks and inflated charges on various transactions,
including transportation fees. In addition, USD 10.9 billion was gained through illegal oil smuggling.
Example 3.10: Rio Tinto Ltd

A prominent bribery case involved Stern Hu, an employee of Rio Tinto’s iron ore division in China and
head of the company’s Shanghai Office, who was jailed for 10 years after being convicted of bribery
and stealing trade secrets in China.
Hu was convicted of receiving kickbacks from private China-based steel mills in exchange for providing
MODULE 3
access to iron ore at better prices than they could get from Chinese suppliers. He pleaded guilty to
the bribery charges. He was also convicted of stealing Chinese ‘state secrets’ (though these would
not have been considered state secrets in Australia).
Source: Adapted from Sainsbury, M. 2010, ‘Rio Tinto’s Stern Hu jailed for 10 years’, The Australian,
accessed November 2015, http://www.theaustralian.com.au/business/mining-energy/
rio-tintos-stern-hu-jailed-10-years/story-e6frg9df-1225847088979.
Rio Tinto’s experience underscores the risks involved in doing business in other jurisdictions,
and the need to understand the legal environment in which business is conducted.
Firms operating in jurisdictions outside their home country should develop internal controls to
reduce their risks. Critical internal controls include making sure that there is access to accurate
local legal advice wherever the business operates. A business operating overseas should
work with its local legal advisers to understand what business practices may be illegal in the
jurisdiction. Company managers who are transferred to a new national environment should also
be made aware of the local legal environment.
Example 3.11: Siemens AG

The largest international bribery case in the world involved German company Siemens AG. Siemens
paid bribes on a massive scale over a period of more than six years. Corrupt payments were made
to customers in Venezuela, Israel, Mexico, Bangladesh, Argentina, Vietnam, China, Russia and Iraq.
Partly as a result of paying bribes on this scale, Siemens generated profits of more than USD 1.1 billion.
Siemens was ordered to repay USD 350 million to settle the US Securities and Exchange Commission’s
(SEC’s) charges and a USD 450 million fine to the US Department of Justice to settle criminal charges.
Linda Chatman Thomsen, Director of the SEC’s Division of Enforcement, said:

This pattern of bribery by Siemens was unprecedented in scale and geographic reach.
The corruption alleged in the SEC’s complaint involved more than $ U1.4 billion in bribes to
government officials in Asia, Africa, Europe, the Middle East, and the Americas (U.S. Securities
and Exchange Commission 2008).
Siemens made thousands of payments to third parties in ways that obscured the purpose for, and the
ultimate recipients of, the money. Employees of Siemens obtained large amounts of cash from cash
desks (i.e. internal counters to distribute cash for this purpose), and the cash was sometimes transported
in suitcases across international borders for the purposes of bribery.
Source: U.S. Securities and Exchange Commission 2008, Press Release:

‘SEC charges Siemens AG for engaging in worldwide bribery’,
accessed August 2015, https://www.sec.gov/news/press/2008/2008-294.htm.
You can read more at:

http://www.nytimes.com/2008/12/16/business/worldbusiness/16siemens.html?_r=0.
MODULE 3
Example 3.12: S
ecurency International Pty Ltd and
Note Printing Australia
Highly embarrassing allegations of bribery of foreign officials were made in 2009 in relation to the
conduct of Securency and Note Printing Australia (NPA) subsidiaries of the Reserve Bank of Australia.
Employees of Securency and NPA engaged agents in Nepal, Malaysia, Indonesia, Vietnam and Nigeria
in connection with the sale or proposed sale of ‘substrate’, the plasticised material used in polymer
banknote printing.
To date, nine individuals have been charged with a range of offences including breaches of the foreign
bribery provisions of the Criminal Code Act and falsifying company records to conceal illegal payments.
In addition to the nine personnel who were charged, in an unusual twist, both Securency and NPA
were charged with criminal offences in connection with the payments.
In Australia, both Securency and NPA were convicted and fined for their involvement but so far only
one conviction has been entered in the cases brought against the employees of those companies.
David John Ellery, former company secretary and chief financial officer of Securency, pleaded guilty
to a charge of false accounting in relation to an AUD 79 502 payment and sentenced in the Victorian
Supreme Court in August 2012 to a period of imprisonment for six months wholly suspended for
two years.
Other people have been charged in other jurisdictions.
Sources: Adapted from Baker, R. & McKenzie, N. 2012,

‘Guilty plea in RBA scandal’ Sydney Morning Herald, accessed July 2015,
http://www.smh.com.au/federal-politics/political-news/guilty-plea-in-rba-scandal-20120718-22ap8.html.
R v. Ellery 2012 VSC 349 (20 August), accessed July 2015, http://www.austlii.edu.au/cgi-bin/sinodisp/au/
cases/vic/VSC/2012/349.html. Baker, R. & McKenzie, N. 2013, ‘New charges in banknote bribery case’
Sydney Morning Herald, accessed September 2015, http://www.smh.com.au/national/new-charges-in
banknote-bribery-case-20130314-2g3m6.html.
Study guide | 221
An important issue in controlling foreign bribery is the focus many organisations have on their
compliance obligations. Many organisations operating globally have a complex range of foreign
bribery risk management obligations mandated by legislation such as the Foreign Corrupt
Practices Act (US) (FCPA), the Bribery Act (UK) and the Criminal Code Act (Australia). All of these
require organisations that are subject to their provisions to implement robust measures for the
control of foreign bribery.
But the related legislation and the regulatory guidance is very prescriptive. In the current
compliance-driven age, many organisations seem more concerned with compliance with
legislative requirements than they are about actually stopping foreign bribery. This has given
rise to transacting through local ‘agents’ on an ‘ask-no-questions’ basis at the same time as
having ‘suspicions’ (but not knowing) that expenses paid to these agents may be connected
with bribery of foreign officials. Complying with the foreign bribery provisions, or at least
being seen to comply with the foreign bribery provisions, appears to be the main focus of
many organisations rather than stamping out the behaviours.
➤➤Question 3.3
What do you think the role of the forensic accountant would be in investigating bribery and
corruption in cases like AWB, Rio Tinto, Siemens and Securency?
➤➤Question 3.4
What controls or other initiatives could a business implement to reduce the risk of its staff or
agents becoming involved in corruption?
MODULE 3
Money laundering
Money laundering is an attempt to conceal the source of money usually generated by illegal
or criminal activity. The aim of money laundering is to enable people with a beneficial interest
in the proceeds of crime to enjoy the benefits of their illegal activities while at the same time
satisfactorily accounting for the source of those funds. ‘Anti-money laundering’ involves
methods and measures that help prevent or minimise money laundering.
People involved in illegal or criminal activity attempt to ‘clean’ their ‘dirty’ money by getting
it into the financial system without detection or arousing suspicion. Money is thus ‘laundered’
using a lawful process so that it loses its link to its source and appears to be derived from
a legal source. Once the funds are in the financial system, they can be transferred between
different bank accounts or financial instruments, domestically or abroad, or used to buy
goods and services.
Money is laundered in a three-phase cycle, as shown in Figure 3.6.

Figure 3.6: The money laundering cycle
1. Placement
Bank accounts are typically established in the name of a legal business known as a ‘front’ for the purpose
of laundering money.
The illegal or criminal earnings/revenue are deposited into bank accounts or converted to negotiable,
redeemable or saleable items by a series of small and anonymous transactions.
Since these deposit amounts are deliberately below the declaratory thresholds of the bank, no due
diligence verification is typically carried out. Hence, the dirty money now belongs to a legal enterprise
and can be used to acquire assets.

2. Layering
The revenue is then used to acquire legitimate assets, such as property. After these assets are acquired,
they are then sold, and often re-sold a number of times, to further distance the converted revenue from
its original source. The main purpose of this phase is concealment.

3. Integration
This phase has the objective of placing revenue into a genuine and lawful economy. Often the legitimate
businesses used are those with a high level of cash transactions (e.g. casinos). The main objective is for
MODULE 3
the final revenue to be completely disconnected from the original criminal proceeds.
Despite the process shown in Figure 3.6, completely ‘cleaning’ the money is difficult to achieve
because it requires sophisticated schemes to remove the entire traceability of ‘dirty’ money,
no matter how many times the three-phase process is put into operation (Madinger 2012).
➤➤Question 3.5
(a) What is the objective of money laundering?
(b) What sources of evidence would you consider in an investigation of money laundering activity?
Insider trading
The final type of business crime that we will discuss involves the misuse of information coming
into the possession of a person or persons associated with a business venture, when the
information is not known to the market generally. Typically, this will involve a member of the
board or a senior executive of a publicly listed corporation who has knowledge of future plans
of the corporation, an announcement in relation to the future profitability of the business or
a merger and acquisition. The ‘insider’ then uses this information to buy or sell shares in the
corporation or in another corporation involved in the relevant transaction. Such behaviour
contravenes the Corporations Act and is commonly known as insider trading.
Study guide | 223
Example 3.13: NAB and Australian Bureau of Statistics

Lukas Kamay, a Melbourne-based NAB foreign derivatives trader, and Christopher Hill, an employee
of the Australian Bureau of Statistics based in Canberra, conspired to commit Australia’s largest insider
trading fraud, which netted them a personal benefit of more than AUD 7 million. Kamay was able to
make derivative product trades over a period of nine months using information provided by Hill at
a time where he knew they would benefit from favourable movements in market prices. The profits
were channelled by Kamay into real estate and other investments.
Kamay and Hill appeared in the Victorian Supreme Court in March 2015 where they were sentenced to
terms of seven years and three years respectively for insider trading (s. 1002G of the Corporations Act),
money laundering and abuse of public office. In addition to Kamay and Hill being imprisoned,
the Criminal Assets Confiscation Taskforce was able to recover the profits generated, which were
forfeited to the Confiscated Assets Account.
Source: Adapted from ASIC 2015, ‘15-058MR Two men sentenced in Australia’s largest insider trading
case’, accessed August 2015, http://asic.gov.au/about-asic/media-centre/find-a-media-release/2015-
releases/15-058mr-two-men-sentenced-in-australia-s-largest-insider-trading-case.
Example 3.14: Gunns Ltd

In December 2009, the 70-year-old chairman of Gunns Ltd sold AUD 3.1 million worth of shares he
held in the company after receiving a management report showing a forecast 139 per cent fall in profit.
At the time he sold the shares, the content of the report had not yet been made public, which meant
that he acted on sensitive market information that was not available to the market generally. In August
2013, the chairman was fined AUD 50 000 and banned from being a director for 10 years. Justice Porter
in the Tasmanian Supreme Court, in sentencing, said to the chairman, ‘You ought to have exercised
far greater care’.
MODULE 3
Sources: Adapted from In re Gay [2014] TASSC 22 (15 April 2014), accessed July 2015,
http://www.austlii.edu.au/cgi-bin/sinodisp/au/cases/tas/TASSC/2014/22.html.
Australian Securities & Investments Commission (ASIC) 2014, ASIC Enforcement Outcomes:
July to December 2013, Report 383, pp. 32–3, accessed July 2015,
http://download.asic.gov.au/media/1344494/rep383-published-11-February-2014.pdf.
Summary
In this section, we have considered seven commonly encountered business crime types:
1. workplace fraud (internally instigated fraud);
2. externally instigated fraud;
3. financial statement manipulation;
4. bribery and corruption (local);
5. bribery and corruption (international);
6. money laundering; and
7. insider trading.
This list and our brief examination of each business crime type is by no means exhaustive but
provides a foundation for considering the material in the remainder of the module.
Business crime can have a major impact on business performance and in some cases even cause
a business to fail. Many of the victims of business crime, including crimes where major financial
damage is done, are ‘first-time victims’ and many of the perpetrators of business crime are also
‘first-time perpetrators’.
In the remainder of this module, we look at how the forensic accountant can help clients to
investigate business crimes as outlined in this section, ways of detecting business crime and
how the risks can be more effectively managed. An important element of your learning from the
remainder of this module is that the fundamental techniques applied by the forensic accountant,
whether operating in investigation, detection or prevention mode, are common to all business
crime types.
The forensic accountant’s role in investigating

business crime
Overview
As we have mentioned, APES 215 Forensic Accounting Services is the standard dealing with the
provision of forensic accounting services.
APES 215, a useful source of guidance on the role of the forensic accountant, identifies four key
services:
1. expert witness services;
2. lay witness services;
3. investigation services; and
4. consulting expert services.
In delivering any of these services, whether as a full-time forensic specialist or as an occasional

forensic practitioner, it is critically important that the fundamental responsibilities of APES 215 are
MODULE 3
observed. One of the key responsibilities, as detailed in Section 3 of APES 215, relates to the duty
of professional independence. In essence, the professional independence provisions require
the forensic accountant to avoid any conflict of interest in the delivery of a forensic engagement.
Failing to manage a conflict of interest can be problematic in instances where the forensic
accountant is providing a forensic service that includes an independent expert witness testimony
but at the same time is asked to provide their client with strategic or tactical advice in the same
matter. As far as possible, it is important for these potentially conflicting roles to be avoided.
Business crime
In this module, given our focus on the investigation of business crime, we are mainly concerned
with the third of the key services listed above—‘investigation services’. APES 215 defines
investigation services as advising on or assisting ‘with an investigation … either in the context
of proceedings or can reasonably be assumed to be a matter that will be brought before a court’
(APES 215, Section 2).
Non-business crime engagements

Forensic accountants can also be engaged in a wide variety of matters outside the investigation
of business crime. These engagements can involve civil disputes and sometimes matters that
will never make it into the legal system (either criminal or civil). These diverse areas of practice
(which are usually investigation services and/or consulting expert services) include:
• Family law matters, where a forensic accountant is retained either by one of the parties or
by the Family Court to assist in the determination of settlements.
• Calculation of damages arising out of claims for negligence or breach of contract.
• Quantification of loss in support of the claims against an insurer.
• Investigation into the reasons for corporate collapse, where the forensic accountant uses
investigative and/or analytical skills to identify causes of corporate failure.
Study guide | 225
• Investigation of the date of insolvency, where the forensic accountant establishes at what
time a person or entity became unable to meet their debts.
• Investigation into management/governance failure.
• Complex reconciliation, for example, between general ledger and sub-ledger where not
all of the records are available.
• Reconstruction of accounting records by application of analytical and investigative
techniques.
• Investigation into misconduct other than fraud, corruption or other criminal behaviour
(such as breach of internal controls/code of conduct).
• Asset tracing, which may be required where assets have been ‘hidden’ in such matters as
family law disputes or in cases of misbehaviour by company directors and officers.
Conducting a business crime investigation

The investigative process usually encompasses a six-phase approach:
Phase 1: Briefing
Phase 6: Reporting
Each of these phases is discussed briefly in the following text.
Phase 1: Briefing
MODULE 3
A forensic accountant investigating a business crime must be as objective as possible when
they receive and respond to information and instructions. They must be alert at all times to any
bias in the briefings provided. Maintaining objectivity is an essential element to any forensic
accounting assignment. It must also be remembered that if a matter progresses to a court
hearing, the forensic accountant owes a duty to the court rather than to the client.
At the beginning of an investigation, it is common for the client’s objectives for the proposed
investigation to be poorly defined. It is important to ensure the investigation objectives are clear
to both client and forensic accountant before starting work.
The essential objectives of the briefing phase are to:

• gather and document background facts;
• identify key issues for investigation and consider what evidence needs to be collected;
• identify where that evidence might be located; and
• identify the analytical methodologies that need to be used in the investigation once the
evidence has been gathered.
The forensic accountant should also identify any tasks that are outside their area of expertise
and request assistance with those tasks.
The forensic accountant should ensure that they obtain clear, unambiguous written instructions
from the client or from the client’s instructing legal advisers as to specific allegations to be
investigated and reported on.

As with all well-ordered tasks, the first goal for the forensic accountant investigating business
crime is to develop a detailed work plan. This will need to be agreed with the client before
starting the work. A properly prepared plan that is understood by all involved in the investigation
has a number of key benefits, including that it:
• ensures proper resourcing of the investigation;
• avoids duplicating effort through an effective allocation of tasks and accountabilities;
• ensures information and evidence is available to all members of the team as it is gathered;
• ensures the investigation is delivered efficiently by setting deadlines;
• allows for the identification of further required evidence and witnesses to be interviewed;
• ensures that the investigation addresses the original scope and objectives rather than
straying onto other matters that are essentially irrelevant to the client’s needs; and
• enables time and cost spent on the investigation to be tracked.

An important element of a business crime investigation is to build a profile of the ‘person of
interest’ to the inquiry—in other words, the person the client and/or the investigator believes
was or may have been involved in the business crime. The forensic accountant can build this
profile from a number of publicly available sources, sometimes referred to as ‘open source
intelligence’, including:
• company registration office searches of individuals to establish if a person holds directorship
or company secretary roles;
• land title searches, which provide details of the ownership of properties;
• credit reference checks, which can provide valuable information about solvency and the
credit history of companies associated with the person of interest;
MODULE 3
• bankruptcy records; and

• publicly accessible elements of social media sites including Facebook, LinkedIn, Twitter
and Instagram.
This information may assist the forensic accounting investigator to gather valuable information
about the person of interest, such as:
• addresses used by the person of interest;
• date of birth;
• marital status;
• employment history;
• whether the person of interest is involved in activities such as horse-racing, gambling or
various other identifiable pursuits;
• whether there is a history of insolvency or a bad credit rating; and
• corporations they are involved with.
This is not an exhaustive list of data that can be sourced and used in a profile. Of course,
forensic accountants working in a law enforcement capacity will have access to an even wider
range of information that can be legally obtained by virtue of the statutory powers available to
them. Such things as records of vehicles owned and driving licences held, for example, can be
sourced from the relevant licensing and registration authorities, as well as any prior criminal
history of the person of interest or their associates.
Study guide | 227

A common theme in all business crime investigations is a ‘focus on evidence’. The forensic
accountant should ensure that evidence relied upon is legally obtained and that it will be
admissible in court. In many cases, the matter being investigated will not proceed to court, or if
it does, evidence may not be required from the forensic accountant. However, there is always the
possibility that the matter may progress to court (sometimes several years after the investigation
has been completed), so the forensic accountant needs to conduct their investigation on the
assumption that the evidence gathered will be subject to judicial scrutiny at some point.
An important consideration is to ensure only those documents that are relevant are relied
upon for any report. A client, judge or jury may become lost with an excessive amount of
documentary evidence. It can be difficult to determine the relevance of documents at the
beginning of an investigation, so it is common to retain all potentially relevant documents
and make a determination about their relevance at a later date.
Sources of evidence
The forensic accountant needs to know how to legally obtain evidence in the possession of the
client and/or other relevant parties. Sometimes external parties may not be willing to provide
the requested evidence. It is beyond the scope of this module to examine all of the ways
evidence can be obtained and the legal processes for obtaining evidence from parties who are
unwilling to provide it. However, the following is an overview of some of the more important
aspects of a business crime investigation in terms of capturing and collating relevant evidence.
Legally admissible evidence can take many forms but will generally fall into one of the
following categories:
MODULE 3
• oral testimony;
• written testimony obtained from witnesses and converted to witness statements;
• documents;
• accounting records;
• computer-produced evidence;
• photographs;
• physical exhibits (e.g. cash, vehicles); and
• expert reports.
It should also be noted that in many jurisdictions, the retention of business documents, including
emails, is a legal requirement. In these cases, the destruction of documents that may be required as
evidence in a legal proceeding may be a criminal offence. This is discussed in Module 6.
AS 8001–2008 Fraud and Corruption Control provides a useful summary of evidence-gathering

activities that may be undertaken during the course of an investigation:
• interviewing relevant witnesses including obtaining statements, where appropriate including
witnesses internal and external to the entity;
• reviewing and collating documentary evidence;
• forensic examination of computer systems;
• examining telephone records;
• enquiries with banks and other financial institutions (subject to being able to obtain
appropriate court orders);
• enquiries with other third parties;
• data search and seizure;
• expert witness and specialist testimony;
• tracing funds/assets/goods;
• preparing briefs of evidence;
• liaison with the police or other law enforcement or regulatory agencies; and
• interviewing persons suspected of involvement in fraud and corruption
(AS 8001–2008—s. 5.3.2).
After completing the investigation (and often progressively throughout the investigation),
the forensic accountant provides an opinion or advice based on the evidence gathered. If the
forensic accountant is not able to form an opinion as they have not yet gathered sufficient
evidence to do so, this needs to be stated, together with a statement about any further
evidence required to form an opinion and where that evidence might be sourced.
Investigator licensing
Another consideration for the forensic accountant when acting in evidence-gathering mode is
the question of licensing. In many (though not all) jurisdictions there is a licensing requirement for
people engaged in carrying out investigations into the conduct of a person. Although examining
documentation provided to a forensic accountant by another party is unlikely to fall within the
ambit of this legislation, other inquiries conducted external to the office environment could fall
within the intended ambit of the statutory provisions. The legislation is rather imprecise and it is
not possible to provide specific guidance on when licencing requirements will apply and when
they will not.
In Australia, the laws relating to conducting investigations into personal misconduct varies from
state to state. In New South Wales, pursuant to the Commercial Agents and Private Inquiry Agents
Act 2004, (NSW) s. 4, a person who is engaged to undertake any activity ‘on behalf of a second
person (not being his or her employer) … that involves finding a third person, or investigating
a third person’s business or personal affairs ’ is required to be licensed. In Victoria, under the
Private Security Act 2004, (Vic) s. 3, a person who is engaged to ‘obtain and furnish information
as to the personal character or actions of any person or as to the character or nature of the
business or occupation of any person ’ is required to be licensed. Corresponding provisions
apply in all Australian states for firms that provide these services.
MODULE 3
A forensic accountant who is likely to be engaged to carry out investigation work should check
with their local authority to determine whether they are required to be licensed in the jurisdiction
for the work contemplated. The alternative to the forensic accountant being licensed is to engage a
licensed provider to carry out those parts of the investigation that would require being licensed.
Recording evidence gathered and ‘chain of custody’

The forensic accountant must ensure that all evidence gathered during the course of a business
crime investigation is appropriately recorded and the original documents are held in a safe and
secure storage environment. Where copies of documents are taken, the copied documents
should be appropriately noted. The forensic accountant must be careful not to mark the original
documents in any way.
If original documents are received by the forensic accountant in a business crime investigation
and those documents are sent to another person, it is important that this transfer is appropriately
recorded and receipted. This orderly movement of original documents (including computers or
computer-produced evidence) is called the ‘chain of custody’.
Interviewing and capturing ‘oral’ evidence

Where it is necessary to interview people with information relevant to the business crime
investigation (i.e. witnesses), it is important to ensure that the interview is properly conducted
and documented. As a general rule, a forensic accountant should only interview witnesses if they
are appropriately qualified to do so. Documenting the interview is something that should be
discussed with the client’s legal advisers before deciding how best to document the evidence
that the witness would be willing to give in legal proceedings. Alternative ways of documenting
witness evidence include a witness statement, affidavit and statutory declaration.
Study guide | 229
➤➤Question 3.6
You have been engaged by a company to investigate an alleged workplace fraud. The allegation
is that a member of staff has been diverting payments from a client to their own personal bank
account rather than depositing them into the company bank account.
(a) What documents would you request?
(b) What, if any, other sources of evidence would you seek to obtain?
Seizing and searching computers

Forensic accountants will frequently be required to consider evidence that may be held on
computers. Computer forensics is a specialised area of practice. In nearly all cases, accessing
material on a computer as part of an investigation requires the expertise of a specially trained
and qualified forensic IT specialist. The computer forensic process or ‘methodology’ can be
broken into six distinct stages:
1. identify;
2. preserve;
3. capture;
4. process;
5. analyse; and
6. produce.
Having captured the digital evidence from computer systems, the forensic technology specialist
can assist the forensic accountant identify evidence using a range of techniques (as outlined in
Table 3.3).
MODULE 3
Table 3.3: Techniques for capturing digital evidence
Technique Explanation
Extraction of files Files may include but are not limited to documents, picture files, spreadsheets,
emails, web pages, multimedia files, deleted files and financial files.
Keyword searching A keyword list is nominated and a search is conducted over the entire computer
for hits.
Internet usage The stored files or ‘cache’ includes web pages, graphics, sound files and other
embedded files. Web mail, such as Gmail or Yahoo!, can also be located.
Link files Shortcut or link files are used to associate a shortcut or start menu item with
specific files or programs. Examples of link files include those found on your
desktop or in your start menu.
Deleted files The deletion of a file does not remove the content of that file from the hard
drive; these files can often be recovered by the IT specialist.
Metadata Metadata is ‘data about data’. This may include information such as author,
creation date, editing time, list of last 10 authors and storage file paths.

The implications of cloud computing for forensic accountants

A recent phenomenon that potentially has important implications for forensic accountants is
‘cloud computing’.
In essence, ‘the cloud’ involves the storage of data on sites remote to the owner of the data
and in locations that are sometimes not even known to the owner. The owner assumes that the
data will be there when they need it (and of course it usually is) but they no longer have physical
possession of it as they did when the data was stored on their own computer or server on their
own premises or on a premises known to them.
Issues relating to cloud computing and data ownership and security are further discussed in Module 5,
and cloud computing technology is explained further in Module 6.
Most people have an appreciation of how cloud computing operates but they don’t consider
how it impacts on the legal system. For the investigator, it may not be possible to locate all data,
especially if cloud providers have not been diligent in their storage security. The investigator
will not be able to go to a site and ‘capture’ data in the usual way. An investigator armed with
a search warrant or search order for a business premises will not find the target organisation’s
data, as it will not be on a file server at the premises where the investigator would expect to find
it; it will be located on a file server on the premises of the cloud-computing provider, which may
be located in another country. The six-stage computer forensic process described earlier breaks
down when the investigator is dealing with data stored in the cloud.
However, the legal system is responding to these new challenges, and investigators, in the
right circumstances, are seeking and obtaining court orders requiring access to data stored in
the cloud to be provided by the person or entity in control of the data. That works well if the
MODULE 3
person or persons who have knowledge of the access codes and passwords are available to the
investigator but if they are not, the investigator’s options are very limited. In some situations,
the investigator may know where the data is stored but navigating through the legal and
technical minefield to access a particular server in a particular country can often present major
difficulties in securing business records, which may be required as evidence.
Social media as a source of information and evidence

Social media has become part of daily life for most individuals and organisations. The segregation
between perceived ‘personal’ and ‘professional’ identities has all but broken down as consumers
become more technically capable and demanding of ‘real-time’ information, no matter where
they are in the world. This ‘do everything from everywhere’ user mentality has had massive
flow-on effects to a range of different industries and sectors, including investigations and
forensic technology.
A short list of the extensive number of social media sites that are routinely accessed by many
people includes Facebook, LinkedIn, Twitter, Instagram, YouTube and Yammer. Social media
usage is growing and new sites are emerging.
The use of these services is further explained in Module 6.
The main effect of the increasing use of this technology for forensic accounting is a dramatic
increase in the amount of potential information and evidence available to investigators.
The forensic accountant needs to consider the information available to them from social media
when conducting a forensic investigation.
Study guide | 231

Forensic accounting entails detailed examination of all relevant documents and other relevant
evidence. Only under certain limited circumstances would sample testing be performed,
although this may be an approach that can be used in the planning phase of a business crime
investigation. A major difference between auditing and forensic accounting is the need for the
forensic accountant to examine all documents relevant to a particular transaction or series of
transactions rather than a sample.
Documents are assessed for their origin, clarity and relevance to the case. The forensic accountant
may also need to study, observe and document the behaviour and changes in behaviour of people
who are (or who may be) ‘persons of interest’ in the case.
Each case is different, so the analytical method used will necessarily be driven by the particulars
of the case and the evidence that the forensic accountant has been able to gather. It is also
important to remember that the forensic accountant may need to work with business records
(whether in hard copy or electronic form) that are deficient in some respect—records that are
incomplete, missing or damaged in a way that makes them difficult to comprehend.
It is also important to understand that ‘analysis’ of evidence is a separate process to the previous
phase where we looked at ‘gathering and securing evidence’. This is not to say that once ‘analysis’
has started, ‘gathering and securing’ has ceased—in most investigations the two phases will
operate concurrently, with the forensic accountant seeking more evidence as they are informed
by the outcome of the analysis that has been done up to that point.
Analysis of forensic evidence can take a number of forms and will need to be tailored to the
evidence available, the objectives of the investigation and the way the evidence will be used
MODULE 3
and presented.
A short selection of analytical methodologies employed by forensic accountants in the investigation

of business crime is as follows:
• data sorting and filtering;
• identification of falsified business documentation;
• quantification;
• asset betterment analysis;
• relationship mapping;
• chronology analysis;
• funds tracing; and
• asset location.
These analytical techniques are summarised in the following sections.
Data sorting and filtering

Once the forensic accountant has gained access to financial information (e.g. bank statements,
general ledger, quotations, invoices, purchase orders, vouchers, other sources documents,
journals), it is essential to be able to efficiently and accurately analyse the captured data to
identify and analyse significant transactions. Some common approaches include:
• capturing the transactional data electronically, converting it into a format that can be
accepted by spreadsheet software (such as Microsoft Excel) and then migrating the data
to a spreadsheet;
• where the forensic accountant receives a large quantity of hard copy documentation,
scanning these documents using Optical Character Recognition software before migrating
the data into a spreadsheet;
• where electronic data is not available or scanning of hard copy data is not possible,
entering the data manually into a spreadsheet; and
• as additional data from other sources is gathered, adding this data to the spreadsheet
using a unique transactional number to confirm the transaction as recorded in different data
sets (e.g. a payment voucher number may link a purchase order, payment number and invoice
number to confirm that all are associated with the same procurement transaction).
Once all data has been entered into a spreadsheet, the forensic accountant can then proceed to
use this program to sort and filter data into ‘like fields’ (i.e. sorting the various entries according
to the information about the individual transactions). This should be done initially in date order but
in such a way that the data can be sorted or filtered as required according to other parameters
(e.g. invoice number order, voucher number order, supplier number order, payment date order).
Example 3.15: Using spreadsheet software to sort data

This is a simplistic example of using spreadsheet software to sort data. It relates to the fictitious bank
statements of an individual; there are 17 entries collected from a bank statement. These entries are
first presented on the date they occurred, as would be the case in a bank statement and recorded as
a debit or credit entry and accompanied by an explanation.
Account details BSB 123456 Account No. 678910
Period 1.1.20X1 to 31.1.20X1

Opening balance $1 267.00
Date Dr Cr Detail
MODULE 3
1.1.20X1 $2 000.00 Salary

2.1.20X1 $32.00 Union fees
2.1.20X1 $500.00 Cash deposit
2.1.20X1 $420.00 Rent
3.1.20X1 $500.00 ATM withdrawal
5.1.20X1 $125.00 Woolworths
9.1.20X1 $65.00 Caltex service: Petrol
10.1.20X1 $85.00 Liquor purchase
15.1.20X1 $2 000.00 Salary
16.1.20X1 $32.00 Union fees
18.1.20X1 $142.00 Woolworths
21.1.20X1 $62.00 Shell Petrol
28.1.20X1 $1.25 Interest charge
$2 164.25 $5 300.00
Closing balance $4 402.75
Including the account’s opening and closing balance enables cross-checking with the bank statement
being used as the data source to quickly establish if there have been any data entry errors.
Study guide | 233
Having loaded the data in date order, the forensic accountant can use the data sort functions of
Microsoft Excel to complete a number of analyses. The most useful is to sort the data to show debits
and credits grouped together along with a grouping of the details relating to transactions. This is set
out below:
Account details BSB 123456 Account No. 678910
Period 1.1.20X1 to 31.1.20X1

Opening balance $1 267.00
Date Dr Cr Detail
1.1.20X1 $2 000.00 Salary
15.1.20X1 $2 000.00 Salary
9.1.20X1 $65.00 Caltex service: Petrol
28.1.20X1 $1.25 Interest charge
10.1.20X1 $85.00 Liquor purchase
2.1.20X1 $420.00 Rent
21.1.20X1 $62.00 Shell petrol
2.1.20X1 $32.00 Union fees
MODULE 3
16.1.20X1 $32.00 Union fees
5.1.20X1 $125.00 Woolworths
18.1.20X1 $142.00 Woolworths
$2 164.25 $5 300.00
Closing balance $4 402.75
This analysis achieves the following benefits for the forensic accountant:
• It highlights ‘out of the ordinary’ transactions that will need further investigation. In this case,
the cash deposits stand out as one transaction type that requires further investigation (e.g. the
recovery of a deposit slip or voucher from the bank).
• When built up month by month, it allows for the preparation of a cash flow statement for the
individual’s behaviour.
• It allows the preparation of graphs.
• It allows analysis over a period of time (e.g. one year) of the total of earnings and expenditures
by category.
• It allows quick searching by date, amount and category for specific transactions.
This last point is particularly relevant where the forensic accountant has been instructed that the
alleged (illegal) event has occurred on or around a particular date. It also reinforces earlier comments
about the importance for the forensic accountant to obtain as much information as possible about
the target so that ‘out of character’ transactions will be readily identified.
This type of analysis is, however, limited by the level of detail contained in bank statement descriptions
for transactions, which can vary.
Identification of falsified business documentation

A forensic accountant investigating a business crime will frequently be required to look for and
identify documents that are false in a material respect. This can be required in the investigation
of a range of business crimes discussed in this module, including misappropriation of assets,
financial statement manipulation, bribery and corruption, income tax evasion, GST fraud
and others.
Falsification can occur in the creation of source documents, in transaction processing and
in management and financial reporting. A genuine document can be falsified to give a false
impression of a business transaction. The forensic accountant must know where to look for
falsified business documents or transactions and be able to recognise them when they are
found. This ability generally relies on experience built up over time.
It is important to note that this analysis of documentation is in the context of an investigation

of a business crime that has already been reported to the forensic accountant rather than the
forensic accountant setting out to detect a business crime (discussed later in this module).
This means that the forensic accountant will already have some idea of what is alleged to have
occurred, where to start looking for evidence and what that evidence may reveal. This doesn’t
mean that the forensic accountant can close their mind to other possibilities, but at least having
received specific instructions about a specific business crime will provide an initial direction for
the investigation.
Having captured all of the available documentation (whether source documents, internal
processing documents or management reports) that is or may be relevant to the case under
investigation, the forensic accountant must sort the captured evidence into a relevant and logical
order. The logical order in most cases will be date order, either the date of the transaction or the
MODULE 3
date the transaction was processed, or some other relevant date order.
Having ordered the documentation, the forensic accountant commences an analysis, looking
for a range of indicators of fraudulent transactions. We have already noted that every case is
different and the forensic accountant investigating a particular business crime will need to create
their own list of what to look for, but some common ones are:
• identifying transactions involving parties that have been indicated as being involved in
business crime transactions;
• identifying bank accounts used by the parties involved;
• identifying the transaction descriptions used in the source documents;
• identifying who within the organisation was involved in the transactions (including initiation
of the transaction, authorisation and processing);
• researching and identifying how the transactions have been ‘coded’ in the accounts of the
paying and receiving entities;
• reconciling transactions between paying and receiving entities, looking specifically for
transactions that vary as to the amount or date in the records of both payer and receiver; and
• identifying transactions that are recorded as having occurred on different dates in business
records where the date should be the same.
Study guide | 235
Quantification
Having isolated transactions that constitute evidence of a business crime, the forensic accountant
will need to move to quantify any loss suffered. Quantification is an important component of the
analysis phase and generally will be at the core of any final reporting by the forensic accountant.
The following is a non-exhaustive list of the reports that can be prepared to quantify the losses
that may have been suffered. The forensic accountant may prepare a report:
• for the client so that the client can make a decision as to what, if any, further action should be
taken (in some cases the quantum of the business crime will be below a set threshold, so the
client may not wish to take further action);
• for use by the client’s legal advisers in order to prepare a claim against one or more other
parties in a civil jurisdiction;
• for use in reporting the matter to the police or another law enforcement agency (note that
in many jurisdictions, there is no mandatory requirement to report the matter to the police,
so it is important to understand for each case the legal requirements for reporting the matter
to law enforcement); and
• for the client to pursue a claim for insurance recoveries where the client has insurance cover
for such conduct.
In its simplest form, the quantification of the financial effect of a business crime will be supported
by a schedule of transactions, which details, for example:
• unauthorised payments to an employee’s personal account (e.g. false invoicing or payroll fraud);
• payments by a business by way of a political donation in foreign jurisdictions;
• corrupt cash payments to an employee of a business from a vendor to that business;
• the value of work done at the personal property of an employee; and
• journal entries bringing to account income that has not been earned.
MODULE 3
Asset betterment analysis
One methodology often used by forensic accountants in intelligence-led business crime
investigations is ‘asset betterment’ analysis. The asset betterment analysis records, at specific
points of time, the assets and liabilities of a ‘person of interest’ to the investigation from which
the forensic accountant will be able to calculate the ‘net wealth’ of the person and changes in
their net wealth over time.
The forensic accountant can compare the resulting net wealth across periods and establish:
• patterns of growth and diminution in net wealth; and
• periods in which net wealth changes have occurred.
By being able to identify the changes in net wealth and the periods in which those changes
occurred, the forensic accountant will be able to narrow the investigation and select specific
transactions for a closer examination.
This methodology is mainly used in investigating cases where it has been alleged that persons
and/or entities have acquired wealth from the proceeds of crime. In the typical scenario, a person
with apparently limited sources of legitimate income will generate a substantial net wealth
position. Often, the assets will be held in names other than the person of interest or entities
that they control. An important focus of the asset betterment analysis will be to arrive at a clear
picture of assets that are ‘enjoyed’ by the person of interest regardless of whether those assets
are in their name.
Example 3.16: Asset betterment analysis

Police conducted an investigation into an allegation of two people conducting a fraud against a
government agency. The alleged fraud involved generating payments for services not rendered.
Table 3.4 is an asset betterment analysis based on that prepared by the forensic accountant investigating
this allegation. The statement was compiled from records from banks, lenders and the government
agency concerned.
Table 3.4 lists the assets, liabilities and resulting net wealth of the person of interest at five selected
dates during the period of the alleged offending.
Table 3.4: Asset betterment analysis
30.09.20X4 30.06.20X5 30.06.20X6 30.06.20X7 31.12.20X7

Date ($) ($) ($) ($) ($)
Assets
Cash balances –5 157 –9 563 38 722 19 157 92
Vehicles 40 790 91 540 214 230 330 275 239 035
Chattels 5 689 5 689 26 205 74 049 75 999
Real estate 115 000 115 000 115 000 1 310 000 1 310 000
Total assets 156 322 202 666 394 157 1 733 481 1 625 125
Liabilities
Loans –98 016 –285 612 –127 864 –1 180 554 –1 123 683
Total liabilities –98 016 –285 612 –127 864 –1 180 554 –1 123 683
MODULE 3
Net position 58 306 –82 946 266 293 552 928 501 442
The increases in net wealth from 30 June 20X5 to 30 June 20X6 and to 30 June 20X7 were generated
from the proceeds of criminal activity. The gains are out of proportion to the income-generating
capacity of the person of interest. Deeper investigation uncovered instances of early payouts of car
loans with cash that appeared ‘out of nowhere’ and the deposit of cash against real estate that again
had no discoverable or legitimate origin.
Figure 3.7 is a graphical depiction of asset betterment over time. This is a powerful evidentiary tool
for use in interviews and court hearings.
Study guide | 237
Figure 3.7: Change in asset position over time
Asset position
$1 500 000.00
$1 000 000.00
$500 000.00
$0.00
–$500 000.00
Total bank accounts

Total vehicles
–$1 000 000.00 Total real estate
MODULE 3
Total chattels
Total loans
Asset position
–$1 500 000.00

Sept Dec March June Sept Dec March June Sept Dec March June Sept Dec
20X4 20X4 20X5 20X5 20X5 20X5 20X6 20X6 20X6 20X6 20X7 20X7 20X7 20X7
Relationship mapping
In some forensic assignments, the main objective is to understand the relationships between
people, corporations and other entities. In more complex cases, it is appropriate that this analysis
is done by a forensic accountant. A client may wish to understand more about a business partner
it has been dealing with in the past, or it may wish to understand more about a party with which
it is considering entering into a commercial relationship.
Understanding the parties you have been dealing with or intend to deal with in the future means
in many cases looking behind the corporate structure or other entity to determine who the
people are behind it. Forensic accountants are sometimes engaged, therefore, to help their
client understand these relationships. Undertaking this type of work will require:
• company searching;
• social media analysis;
• contract analysis; and
• interviewing people with relevant knowledge.
The exercise of relationship mapping is often used in conjunction with building a profile of a
‘person of interest’ (discussed earlier).
Chronology analysis
Understanding a sequence of relevant events is often highly important in a forensic engagement.
Being able to provide an accurate chronology of events and present this in a compelling format
is frequently a key objective of a forensic assignment.
Using the same information sources as for relationship mapping, the forensic accountant can
prepare an accurate chronology of events for use in further analysis of the available evidence and
presentation to their client or to the court.
Once the chronology has been completed, it can be documented in ways that are appropriate to
the case (see later in this module for more information on software commonly used by forensic
practitioners to present the output of a chronology analysis presented as a ‘timeline’).
MODULE 3
Funds tracing
Forensic accountants are often required to trace the flows of funds in relation to a case of
fraud, corruption or other business crime. The most effective way of doing this is the analysis of
statements of bank accounts, but this can be augmented by analysis of an entity’s own financial
records and other sources. Being able to analyse bank statements assumes that the forensic
accountant has access to them. If not, a court order or other legal remedy may need to be
obtained through the client’s legal advisers.
Asset location
Commercial disputes may ultimately lead to court applications for the seizure and forfeiture of
property. Forensic accountants can be engaged to look for property belonging to a party or a
potential party to a dispute to inform one of the litigants regarding their prospects of obtaining a
successful outcome to the legal proceedings. Asset location can involve searching public records
and the business records of the people and entities concerned. Again, court orders may be
required for the forensic accountant to gather the necessary information to carry out the analysis.
Assets that can be located or traced using these approaches can include:
• real estate;
• motor vehicles;
• vessels;
• aircraft;
• cash;
• bank deposits;
• trust deposits;
• shares and other securities;
• receivables; and
• machinery and equipment.
Study guide | 239
The forensic accountant needs to have an inquiring mind in order to locate assets, some of which
may have been deliberately concealed from the investigation process. They also need to have a
reasonable level of understanding of the publicly available data that may give an indication of the
existence of an asset.
Phase 6: Reporting
On completion of a business crime investigation, the forensic accountant will need to prepare
a report on the outcomes of their work. Such a report will potentially support the client’s case
should the matter proceed to court. The report must be accurate, concise and capable of
being clearly understood. It should attach all documentary evidence (or extracts from relevant
documentary evidence) used in formulating the forensic accountant’s conclusions or opinions.
The report must also comply with the requirements of APES 215 Forensic Accounting Services
and the expert witness requirements of the court or tribunal in which the matter will be heard.
The overarching requirement of APES 215 and the expert witness guidelines are generally that
the primary duty of the expert witness is to assist the court.
For example, in the ‘Expert witnesses in proceedings in the Federal Court of Australia—Practice
Note CM 7’, the following duties are imposed on an expert witness in Federal Court proceedings:
1. General Duty to the Court
1.1 An expert witness has an overriding duty to assist the Court on matters relevant to the expert’s
area of expertise.
1.2 An expert witness is not an advocate for a party even when giving testimony that is necessarily
evaluative rather than inferential.
MODULE 3
1.3 An expert witness’s paramount duty is to the Court and not to the person retaining the expert
(Allsop 2013).
The forensic accountant should always work on the presumption that the matter will proceed to
court and conduct the engagement accordingly (i.e. the rules of evidence must be strictly adhered
to even if there is no current indication that the matter will proceed to court). It is important that
the report of investigation into a business crime is set out in a clear and concise report that can
be understood by a third party reader (such as a judge), and that presents the findings in a clear,
logical and compelling way.
When preparing and structuring a report, the style of the report should:
• be clearly expressed and not argumentative in tone;
• be centrally concerned with expressing an opinion upon a clearly defined question or
questions based on the expert’s specialised knowledge;
• identify with precision the factual premises upon which the opinion is based;
• explain the process of reasoning by which the expert reached the opinion expressed
in the report;
• be confined to the area or areas of the expert’s specialised knowledge; and
• identify any pre-existing relationship (such as that of treating medical practitioner or a firm’s
accountant) between the author of the report, or their firm, company, etc., and a party to
the litigation.
In addition to the report content as set out above, the report needs to address the specific
requirements set-out in APES 215:
(a) the instructions received, whether oral or written;
(b) any limitations on the scope of work performed;
(c) whether any of the opinions, findings or conclusions of the Member are not based wholly or
substantially on the Member’s specialised knowledge derived from training, study and
experience;
(d) the relationships, if any, the Member or the Member’s Firm or the Member’s Employer has with
any of the parties to the Proceedings that may create a threat or a perceived threat to the
Member’s obligation to comply with the fundamental principles of the Code or the Member’s
paramount duty to the Court, and any appropriate safeguards implemented;
(e) the extent, if any, of reliance by the Member on the work of others;
(f) the opinions formed, or Other Evidence given, by the Member;
(g) whether an opinion or Other Evidence is provisional rather than concluded, and, if so,
the reasons why a concluded opinion has not been formed;
(h) the significant facts upon which the opinions or Other Evidence are based;
(i) the significant assumptions upon which the opinions or Other Evidence are based and the
following matters in respect of each significant assumption:
(i) whether the Member was instructed to make the assumption or whether the Member
chose to make the assumption; and
(ii) if the Member chose to make the assumption, then the reason why the Member made
that choice;
(j) if the Member considers that an opinion or Other Evidence of the Member may be misleading
MODULE 3
because a significant assumption is likely to mislead, then a statement to that effect and an
explanation of why the assumption is likely to mislead;
(k) where applicable, that the Member’s opinion or Other Evidence is based upon another
person’s report;
(l) the reasoning by which the Member formed the opinions or arrived at the Other Evidence,
including an explanation of any method employed and the reasons why that method
was chosen;
(m) a list of all documents and sources of information relied upon in the preparation of the Report;
(n) any restrictions on the use of the Report; and
(o) a statement that the Expert Witness Service was conducted in accordance with this Standard.
(APES 215, para. 5.6).
Source: Reproduced with permission of the copyright owner,

Accounting Professional & Ethical Standards (APESRS), Victoria, Australia.
In paragraph 6 of APES 215, there are requirements that:

A Member shall not knowingly or recklessly make a statement or cause another to make a statement
in or in connection with a Forensic Accounting Service that, by its content or by an omission, is false
or misleading (APES 215, para. 6.1).
If a Member engaged or assigned to provide an Expert Witness Service becomes aware that
an opinion expressed by the Member in a Report was based on information that was false,
misleading or contained material omissions and that situation has not been subsequently disclosed
in a Report or in oral testimony, the Member shall promptly inform, as appropriate, the legal
representative of the Client, the Employer or the Court of the situation—the Member shall also
consider whether it is necessary to issue a supplementary Report (APES 215, para. 6.2).
Study guide | 241
Diagrammatic representation of investigative evidence

Case presentation is more and more becoming part of the role of the forensic accountant.
Some of the ways in which complex evidence can be presented in court (or in preparing for
court) are detailed in Table 3.5.
Table 3.5: Ways complex evidence can be presented in legal proceedings
Spreadsheets Using Microsoft Excel to produce tables of data will greatly assist in
communicating the outcome of the work that has been performed by the
forensic accountant. Extracts of these spreadsheets can be embedded in the
forensic accountant’s report.
Information database Microsoft Access, Filemaker Pro, iBase and other commonly available databases
are powerful tools for presenting complex evidence as they can be used to
highlight linked transactions that would otherwise not be readily seen.
Graphs Using Microsoft Excel in standard and non-standard modes will help you to
prepare charts and graphs that have a high visual impact. These graphs can be
embedded in the forensic accountant’s report.
Charts i2 Analyst’s Notebook (distributed by IBM) is the world standard for

computerised charting and can be used in data and relationship mapping.
Document imaging Ringtail is a litigation support software application that makes it possible to
capture, store and then present images of documentary evidence in legal
proceedings.
MODULE 3
The objective of diagrammatical representation of investigative evidence is to present the

outcome of any financial work and other analysis completed by the forensic accountant in a way
that will provide the highest degree of clarity for the reader. It may also permit a reduction in the
size of the report as some of the information that would require a great deal of explanation can
be conveyed with fewer words using visual aids.
➤➤Question 3.7
Go to: http://www-03.ibm.com/software/products/en/analysts-notebook for further information
about the capability of the Analyst’s Notebook.
How do you think Analyst’s Notebook would assist in preparing a forensic accountant’s report
in a business crime investigation?
Case Study 3.1: Midland University of Technology

Review the following facts in relation to the fictional ‘Midland University of Technology’ (Midland),
a tertiary institution situated in Dunedin, New Zealand, that has recently decided to open a campus
in Kuala Lumpur, Malaysia.
• Midland is a well-established tertiary institution based in Dunedin, on the South Island of New
Zealand. In 20X0, Midland’s board decided to establish the university’s first international business
campus in Kuala Lumpur (KL), Malaysia. The KL campus is intended to establish a ‘Centre for
International Trade’.
• The Board appointed KL business man Lew Guangli as Director of the new KL campus. Lew’s first
task was to oversee the construction of the new facility. Lew immediately appointed his brother-
in-law Yong Huojin as Business Manager of the KL operation. This move was questioned by the
board at the time because of the haste with which the appointment was made.
• The board did not do a lot of due diligence for the appointment of Lew Guangli, although the
board was, however, to receive regular financial reports during the construction process. At the
time of his appointment, Lew came with a strong recommendation by a member of the board
who had significant dealings with him in his own business in Malaysia, and who has since moved
on from the Midland board.
After a planning period of two years and construction lasting two years, costing more than
NZD 140 million, the main buildings at the KL campus were finished in August 20X4 and were ready
to accept students from March 20X5, with the only outstanding work being landscaping and car parks.
• The primary contractor for the construction was ‘Ampang Constructions’ (Ampang), the principal
of which is Bunga bin Kartika.
MODULE 3
Lew Guangli reports to the Vice-Chancellor (a VC is equivalent to a CEO) at Midland in Dunedin,

Professor Cameron McDonald, and visits Dunedin once a quarter to update the board on progress
in KL. Neither the VC nor any other executive of Midland or any member of the board have visited KL
in three years. Lew Guangli has supervised construction since commencement in 20X2 and throughout
the project has provided assurances to the board that the project was running to budget.
• The board has become increasingly concerned at a reported cost blowout which has become
apparent from the financial reports they have received. The building project looks like finally
coming in around NZD 25 million over budget against an original estimate of NZD 115 million to
be paid out of Midland reserves.
The board has asked Lew to provide details for the cost blowout but his responses are rather vague
and lacking in detail. The board wants answers.
• You are Manager, Corporate Assurance of Midland and are based in Dunedin. The VC seeks
your advice.
(a) Do you think there are grounds for an investigation? On what basis?
(b) Is there anything you could do ‘behind the scenes’ to investigate the concerns at this point?
Study guide | 243

After your initial conversation with the VC, the following has occurred:
• A whistleblower from within Midland’s Finance Department (based at Dunedin) has contacted
the VC by email and raised serious concerns about the conduct of Lew Guangli. She told the VC
that Lew has a ‘very cosy’ relationship with Bunga bin Kartika and that he is also very close with
Yong Huojin.
The whistleblower also says that she has done some background investigation of her own and found
evidence that leads her to the following conclusions:
– Ampang was one of five builders who submitted tenders and was the lowest priced tender coming
in around 5 per cent below the next quotation.
– Since construction commenced, there has been a continuous stream of ‘variations’, all of which
have been signed off by Lew and which amount to 21 per cent of the original quotation.
– Midland procedures require contract variations of more than 5 per cent of an original quotation
to be signed off by the VC and another Midland executive. However, 15 variations (all of which
were under 5%) have been signed by Lew Guangli and Yong Huojin. The whistleblower alleges
that the invoices for variations have been ‘split’ so that there was no need for the VC and another
executive to authorise them.
– Lew Guangli lives on a rural property 50 km from KL and recently completed a house on his
property that locals say is worth upward of RM 7 million.
(a) Is there any data analysis that could be done that would identify transactions for further
investigation? How would you do that?
(b) Using the six-phase investigation process discussed previously, what detailed investigations
would you consider in light of what you currently know?
MODULE 3
Your preliminary investigations uncover:
• Emails between Lew Guangli and Bunga bin Kartika going back prior to the tender being awarded
include significant communication between them in relation to the tender and the tender pricing—
it appears from the emails that this information was not provided to other tenderers.
• Lew is on an annual salary of RM 1.2 million before bonuses (which are expected to be around a
further RM 700 000) if certain growth targets are met.
• Construction of Lew’s house was started just three months after the construction contract to
Ampang was awarded and before construction started on the KL campus.
• Information has been received that Yong Huojin is also planning to build a new house on his land
near to Lew’s new house.
• A follow-up call from the whistleblower to the VC indicates that the builder for both Lew’s and
Yong’s new houses is Ampang.
• Initial analysis of the project overruns shows that one significant item was bricks—it appears that
Lew’s house is a large brick residence.
What legal avenues would you consider in gathering further evidence?


Following a full investigation, you have gathered the following evidence:
• Lew Guangli provided information to Ampang in relation to the construction project that was
not provided to other tenderers—this information was provided by Lew from his work computer
using his Gmail email account.
• Lew’s stated reason for assisting Ampang over the other tenderers is that ‘they were a local firm
and I knew they could do the job and do it well’.
• Lew Guangli and Yong Huojin allowed Ampang to submit a ‘non-complying tender’ but allowed
it to lower its price when its revised ‘complying’ tender was lodged. In the tender as lodged
initially, Ampang was the highest priced tender but the revised tender price was the lowest of
the five tenders received.
• Ampang built a house for Lew and is currently building a residence for Yong. Construction
consultants indicate that the cost of these residences is around 60 per cent of typical construction
costs for those types of projects.
• Lew denies getting any advantage from Ampang in the construction of his house, saying that they
just happened to be the cheapest of three building quotations he received at around the same
time that tenders for the Midland’s International Business Campus were being met.
• There is evidence that bricks used in the construction of both residences match the description
of bricks delivered to the KL International Business Campus construction site.
(a) What recommendations do you make to the VC on the basis of the evidence you currently
MODULE 3
have?
(b) Is there a case for involving the police? If so, what are the key considerations in preparing
your report?
Summary
Forensic accounting is a highly specialised area of the accounting profession covering a broad
range of assignments. It is incredibly varied and interesting, but it does require particular skillsets
that must be acquired over many years of experience before a forensic accountant can consider
themselves truly competent.
One of the key aspects of all forensic accounting assignments is a ‘focus on evidence’. The forensic
accountant is primarily concerned with gathering, securing and analysing evidence relevant to a
business crime investigation and then presenting the outcome of this work as clearly as possible.
In carrying out assignments in this area of practice, accountants are bound by the relevant
accounting standard (APES 215) and a variety of legal requirements including the rules of
evidence. The expert witness guidelines of various courts also make it clear that forensic
accountants are servants of the court when giving evidence and must recognise at all times
their paramount duty to the court as distinct from the client who appointed them.
To be effective, reports prepared by a forensic accountant for courts and clients must conform
to the principles of accuracy, clarity, independence, assumptions and relevance, and must be
properly referenced.
Study guide | 245
Detecting business crime

Overview
Earlier in this module, we considered the role of the forensic accountant in investigating
fraud, including planning and conducting an investigation and the various approaches
and methodologies that can be used. In this section, we look at the tools and techniques
available to forensic accountants for use in detecting fraud. In doing so, we will look at
information system-based tools and techniques as well as non-technological approaches.
There are three main categories of fraud detection:

1. recognising typical symptoms (red flags) of fraud; that is, indicators that fraud may or is
likely to have occurred;
2. the use of financial statement analysis and other analytical methods; and
3. the use of information technology tools including data analysis (Albrecht & Albrecht et al. 2014).
Each of these methods are summarised in the following sections.
Recognising typical symptoms of fraud

Detecting fraud through a recognition of symptoms or ‘red flags’ involves being alert to indicators
of fraud that arise from passive observation by management and others.
The six ‘symptoms’ or ‘fraud alerts’ proposed by Albrecht & Albrecht et al. (2014) are as follows:
1. accounting anomalies;
2. internal control weaknesses;
MODULE 3
3. analytical fraud symptoms;
4. extravagant lifestyle;
5. unusual behaviour; and
6. tips and complaints.
Table 3.6 provides a brief summary of the factors that can be considered in each of these
categories.
Table 3.6: The six ‘symptoms’ or fraud alerts—examples
1. Accounting anomalies 2. Internal control and weaknesses
• Irregularities in source documents. • Lack of segregation of duties.

• Faulty journal entries. • Lack of physical safeguards.
• Inaccuracies in the general ledger. • Lack of independent checks.
• Suspense accounts with unusual or • Lack of proper authorisation.
unexplained transactions. • Lack of proper documents/records.
• End-of-period adjustments that appear • Overriding existing controls.
unusual (e.g. reversals). • Inadequate accounting system.
• Transaction that appear to be highly
summarised in the general ledger.
• Unusual transactions in loan accounts.
• Transactions between the company and
directors.
• Unusual write-off of receivables.
• Excess purchases.
• Unreasonable expenses or reimbursements.
3. Analytical fraud symptoms 4. Extravagant lifestyle
• Unexplained inventory shortages or • Unexplained wealth.

adjustments. • Gambling.
• Deviations from specification. • Purchase of investments.
• Increased scrap. • Apparent financial pressures.
• Too many debit or credit memos.
• Sudden increases in account balances or
business levels.
MODULE 3
• Cash shortages of overages.
5. Unusual behaviours 6. Tips and complaints
• Failing to take leave. • Reports made through the usual channels.

• Taking leave for small periods throughout • Reports made through alternative internal
the year. channels.
• Not delegating or transferring tasks. • Reports made through alternative external
• Excessive generosity to other staff. channels.
Source: Adapted from Albrecht, W. S. & Albrecht, C. O. et al. 2014, Fraud Examination,
5th edn, South-Western Cengage Learning, Mason, Ohio.
It is important for all people involved with a business to be alert to the indicators of fraud.
The anomalies that indicate a potential fraud will vary depending on the fraud type—anomalies
that might indicate a payroll fraud will be very different to anomalies that indicate an accounts
payable fraud.
Study guide | 247
Example 3.17: Invoicing fraud

To highlight accounting anomalies that may be indicative of fraud, we can consider what would be found
in a typical case of false invoicing fraud. False invoices that have been prepared to support fraudulent
transactions or to conceal fraudulent transactions have been shown to have the following features:
• invoices poorly prepared;
• manually produced invoices from suppliers who usually prepare computer generated invoices;
• invoice numbers out of sequence;
• unknown vendors;
• no ABN, invalid ABN or not registered for GST;
• supplier recently registered with ASIC;
• vague descriptions on invoices;
• invoices used twice (possibly photocopied);
• abnormal authorisation; and
• invoices just below a particular threshold (e.g. $10 000 or $5000).
➤➤Question 3.8
Payroll fraud (involving the payment of salary and wages to a fictitious employee) will present a
different range of accounting anomalies to accounts payable fraud.
List three accounting anomalies that may be associated with payroll fraud.
The use of financial statement analysis and other analytical

methods
Analysis of financial statements and other analytical methods can be effective in detecting fraud
(both financial statement fraud and non-financial statement fraud). In addition to fraud detection,
MODULE 3
the same methods can be used to analyse evidence captured during a forensic investigation.
One of the main ways this is done is by looking at the performance of specific elements of the
business and comparing this performance with relevant benchmarks. This analysis can take
two forms, often referred to as:
1. horizontal analysis; and
2. vertical analysis.
Horizontal analysis
Horizontal analysis is where a raw value is compared with the corresponding raw value in other
years or periods. Horizontal analysis, unlike vertical analysis, does not consider benchmarks
outside the business’s own records. The steps for a horizontal analysis are as follows:
Step 1: Create a spreadsheet of financial information (e.g. statement of financial position or

statement of profit or loss and other comprehensive income) recording the raw values
in periodic columns across the page.
Step 2: Calculate the percentage change in each raw value from year to year.
Step 3: Analyse the percentage change in raw values.
Step 4: Consider and investigate the reasons for any unusual movements.
Vertical analysis
Vertical analysis is where items are calculated as a percentage of a base number, which is then
compared to previous periods or other external benchmarks (e.g. computer expenditure as a
percentage of sales).
Step 1: Create a spreadsheet of financial information (e.g. statement of financial position or

statement of profit or loss and other comprehensive income) recording the raw values
in periodic columns across the page.
Step 2: Calculate a relevant ratio for each raw value (e.g. ratio of computer expenses to sales).
Step 3: Source suitable benchmark data for comparative analysis (e.g. data from the industry
in which the business operates—much of this information is available from IBIS). Ratios in
the company’s own business can also be used along with those from other businesses
operated by the same company.
Step 4: Consider and investigate the reasons for any unusual differences.
The concept of horizontal and vertical analysis can be somewhat confusing as they are very
closely aligned. However, understanding the differences can be quite straightforward if you
think of horizontal analysis as an analysis of change in raw numbers from period to period
without reference to benchmark data. Vertical analysis, on the other hand, converts the raw values
into a variety of ratios (which are recorded vertically to the side of the raw values). These ratios
are then compared against industry benchmarks or against corresponding ratios for the business
in other periods.
MODULE 3
Horizontal analysis Vertical analysis
% Industry Diff. Ind. Diff. Ind.
Year 1 Year 2 Change Change average Av. Year 1 Av. Year 2
Profit and loss
Sales 250 000 100% 450 000 100% 200 000 80% 100% 0% 0%
Cost of goods sold 125 000 50% 300 000 67% 175 000 140% 42% 8% 25%
Gross margin 125 000 50% 150 000 33% 25 000 20% 58% –8% –25%
Operating expenses
➤➤Question 3.9
Selling expenses 50 000 20% 75 000 17% 25 000 50% 12% 8% 5%

Administration expenses 60 000 24% 100 000 22% 40 000 67% 18% 6% 4%
Net income 15 000 6% –25 000 –6% –40 000 –267% –28% –22% –34%
Balance sheet
Assets
Current assets
Cash 45 000 14% 15 000 4% –30 000 –67%
Accounts receivable 150 000 45% 200 000 47% 50 000 33%
Inventory 75 000 23% 150 000 35% 75 000 100%
Fixed assets (net) 60 000 18% 60 000 14% — 0%
Total 330 000 100% 425 000 100% 95 000 29%
Liabilities
Current liabilities
Accounts payable 95 000 29% 215 000 51% 120 000 126%
Non-current liabilities
Long-term debt 60 000 18% 60 000 14% — 0%
Equity
techniques, identify indicators of possible fraudulent activity for further investigation.
Issued capital—class A 25 000 8% 25 000 6% — 0%

Issued capital—class B 75 000 23% 75 000 18% — 0%
Retained earnings 75 000 23% 50 000 12% –25 000 –33%
Review the example data in the following table. Using both horizontal and vertical data analysis
Total 330 000 100% 425 000 100% 95 000 29%
Permission conveyed through Copyright Clearance Center, Inc.

and detection by Wells, Joseph T. 4th ed. 2013, Wiley & Sons, Hoboken, New Jersey, p. 379.
Source: Republished with permission of Wiley & Sons, from; Corporate fraud handbook: prevention
Study guide |
249
MODULE 3
Using information technology tools (data analytics)

Our final approach to detecting fraud is ‘data analytics’. This approach involves the use of analytical
techniques to identify indicators of potential fraud for further investigation from a large quantity
of electronically stored data. The main requirements for this approach are as follows:
• proper planning targeting specific fraud risks;
• large data storage capacity; and
• rapid data processing.
Data analysis can involve analysis of:

• historical data; and
• data in real time, or near real time.
Analysis of historical data

In analysing historical data, relevant data is extracted from data storage or archives. The data
is then analysed with software that will automatically analyse the captured data against pre-
determined fraud types. Examples of some of data analytics tests that can be applied to
historical data are as follows:
• Matching bank account numbers of suppliers with staff (this may indicate that a staff member
has nominated a payroll account to receive payment for fraudulently submitted invoices).
• Matching telephone numbers or addresses of suppliers with known staff details (this may
indicate involvement of staff in submitting false invoices).
• Matching bank account numbers for more than one employee.
• Identifying duplicate invoice numbers or amounts (this may suggest that the same invoice
has been used to support more than one payment).
• Identifying an unusual frequency of expense claims of a particular type.
MODULE 3
• Analysing kilometres travelled claimed for reimbursement relative to the average.

• Identifying journal entries posted by personnel in unusual circumstances.
• Identifying unusual sales patterns immediately prior to balance date and possible reversal at
the commencement of the next period (e.g. raising fictitious supplier invoices before balance
date to inflate sales and then reversing the fictitious invoices after balance date).
• Identifying unusually high volumes of share trading in a particular stock immediately before
a market announcement.
Analysis of data in real-time or near real-time

Analysing data in real time or near–real-time mode often requires more sophisticated approaches
as live data is analysed while transactions are being processed.
A good example of real-time data analysis approaches is the very sophisticated software used by
banks to identify credit card fraud. This software can identify potentially fraudulent transactions
almost instantaneously by comparing transactions that are in process against the typical spending
pattern of that card holder. Fraudulent credit card transactions of course need to be identified at
the time because once the items have been handed to the fraudster, the bank will have suffered
a loss as credit card transactions, once they are approved, are guaranteed by the issuing bank.
Software is now available that can be used by businesses outside the financial services sector to
identify indicators of fraudulent transactions. The tests performed are essentially the same as for
the analysis of historical data, but it is performed continuously. The aim is to alert the business
about the potentially fraudulent transactions as soon as possible after they have occurred—
the business is then able to do something immediately to minimise losses.
Study guide | 251
Summary
Fraud detection is a relatively new area within business. Traditionally, business has been quite
reactive to the issue of fraud and corruption. There are a range of tools and techniques that
can be used to help detect fraud in a timely fashion so that incidents are identified earlier,
which reduces the exposure to further incidents and assists in reducing any losses.
In the next section, we will look at other proactive measures, collectively referred to as
‘business crime prevention’, which can be taken in the control of business crime.
Preventing business crime

The Australian standard for fraud and corruption control
The objective of AS 8001–2008 Fraud and Corruption Control is ‘to outline a suggested approach
to controlling fraud and corruption against and by Australian entities’. It provides 24 attributes
of a robust fraud and corruption control program. AS 8001–2008 is intended for broad-based
application across the corporate and government sectors, as well as in the not-for-profit sector.
Principles of fraud prevention

The key elements of an effective fraud prevention program (from AS 8001–2008) that Australian
organisations should undertake can be summarised as follows:
1. See fraud and corruption as a business risk.
2. Set the right ‘tone at the top’.
MODULE 3
3. Know your risks.
4. Know your people.
5. Know your customers and suppliers.
6. Remember the ‘three Ps’—planning, planning and planning.
7. Implement specific anti-corruption measures.
8. Create a heightened awareness of fraud and corruption.
9. Open the channels of communication.
10. Implement a fraud detection program.
Assessing fraud and corruption risk

A key element of any fraud control program is gaining an adequate understanding of the risks
facing the organisation. Once the risks have been identified, the organisation can begin
developing and implementing a ‘treatment program’ to reduce the risks to an acceptable
level or eliminate them. According to AS 8001–2008, the risk assessment process involves
the following:
• detailed review of systems and processes;
• fraud risk identification;
• documenting internal controls associated with each identified fraud risk;
• assessing the apparent effectiveness of internal controls in terms of their ability to mitigate
each fraud risk;
• rating each fraud risk according to ‘Consequence’, ‘Likelihood’ and ‘Overall’ rating; and
• developing effective remedial action items aimed at addressing the fraud risks rated ‘High’
or ‘Very High’ (AS 8001–2008 Fraud and Corruption Control, s. 3.6).
The most important output contemplated in the fraud risk assessment process set out in AS 8001–
2008 is the ‘treatment program’ for identified risks. Such treatment programs may involve:
• Risk avoidance (discontinuing the activity giving rise to the risk or transferring the risk
associated with that activity to another party, e.g. the risks surrounding banking cash,
which can be transferred to another party by arranging a cash collection service).
• Improved internal control in relation to the business activity giving rise to the risk or the
risk itself.
• Improved detection program (to ensure that the risk, if it does occur, is identified as quickly
as possible.
• Risk retention with no treatment program on the basis that it is a relative low-level risk
that would have a relatively low impact on the organisation if it did occur (AS 8001–2008
Fraud and Corruption Control, s. 3.6).
➤➤Question 3.10
Consider the procurement/accounts payable system of an organisation that you have dealt with.
List at least three fraud risks associated with that system.
The importance of a robust internal control environment

Poor internal control is an obvious causal factor in fraud and corruption. Analysis of case histories
tells us that poor internal control is commonly associated with fraud and other business crimes.
Identifying internal control weakness after the fact is actually easy—every management team
dealing with a post-business crime crisis will be able to point to what went wrong from an internal
control perspective. A more difficult, although by no means impossible, task is to identify internal
MODULE 3
control weaknesses that may give rise to a higher risk of business crime before it occurs.
The main issue is often resourcing. Just about every business organisation would like to have
a more robust internal control regime but is constrained by limited funding. Effective internal
controls need people:
• to perform the controls themselves in the traditional sense (including to properly vet and
authorise at the time of processing or to review transactions after processing to ensure that
internal controls are being adhered to); or
• to monitor the internal control benefits arising out of analysis of transactional data.
In our current highly competitive environment, business is diverting increased human capital to
revenue-generating roles, rather than roles that are seen by many senior executives as merely
an impost on the business.
Ensuring good internal controls should be seen as one element in an overall business risk management.
Other aspects of risk management are discussed in Module 5.
Table 3.7 highlights the features of a robust internal control program that would help organisations
to guard against a range of business crime.
Study guide | 253
Table 3.7: Features of a robust internal control program
Feature Explanation
Adequate segregation Segregation of duty is the main internal control we think of, but it also the one
of duty that is becoming increasingly difficult to implement as businesses look to reduce
costs by reducing staff numbers. The basic concept is that the functions of
initiating, authorising and processing transactions should be separated—no one
person should have control of all three functions in the ‘procure to pay’ process.
Transaction In the current era of electronic transaction processing, many organisations

authorisation have less-than-ideal processes for authorising business transactions. Often,
transactions will appear in a ‘workflow’ system for authorisation but sometimes
there is no scan of source documents for review by the authoriser, or it is
not possible to determine whether the scanned image is an original or
photocopied document.
Managers should be made aware of the importance of proper scrutiny of the

transactions they authorise.
Vendor vetting False invoicing, a very common form of business crime, is made possible by
poor vendor registration controls. A robust program for vendor registration
will include proper vetting of the proposed supplier/provider. This is aimed
at ensuring that the business is genuine and that there is a proper business
purpose for dealing with them.
New vendors need to be properly scrutinised before they are entered into the
vendor management system and before the first payment is made to them.
There needs to be a proper consideration of the business case for dealing with
MODULE 3
each new vendor.
Restrictions on Financial statement manipulation is sometimes made possible by lax controls

journal processing over who can actually process journal transactions. In some organisations,
there is an assumption that access is strictly provided to journal processing staff
or authorising management, but it is sometimes found that other personnel
have direct journal access and can use that access to falsify the organisation’s
accounting records.
Access to the general ledger through a direct journal module should be strictly
limited. All journal transactions processed should be subject to regular and
independent scrutiny.
Data warehouse Organisations currently deal with massive amounts of data. Unless that data
is available to the business via a data warehouse, the benefit of the data can,
from an internal control and anti-business crime perspective, be lost.
All relevant business data should be available to management to ensure that

business controls are adhered to.
Management All business transactions should be coded to a particular cost/profit centre,

reporting including transactions that are associated with business crime. Business crime
transactions may therefore be picked up by the review of management reports
by the manager responsible for that cost/profit centre.
Managers should diligently review cost/profit centre management reports and

be alert to the indicators of transactions associated with business crime.

Fraud and corruption control planning

Managing business risk has, in recent years, increasingly been accepted as an important
governance issue … By logical extension, controlling the risk of fraud and corruption is
a governance issue that must be given due attention by the controllers of all entities.
Increasingly, major fraud incidents or endemic corruption within an entity will be viewed as
indicative of a failure of the entity’s controllers to discharge these more prescribed governance
obligations. An entity’s approach to managing the risks of fraud and corruption should be
underpinned by an organisation-wide policy developed with internal and external consultation,
and with appropriate benchmarking against established best practice prevention and detection
programs and standards (AS 8001–2008 Fraud and Corruption Control, pp. 6, 10).
AS 8001–2008 provides current best practice guidance in terms of fraud control planning.
Drawing on the content of AS 8001–2008, organisations seeking to develop a robust fraud
control program should develop a fraud control plan based on the following principles:
• comply with AS 8001–2008 (or other similar guidance);
• consultation and review;
• address high-level performance gaps;
• address, at a high level, the fraud risks identified in the risk assessment phase; and
• consider organisational culture.
AS 8001–2008 Fraud and Corruption Control includes a suggested framework for a fraud
control plan in Appendix A.
Specific anti-bribery and corruption (‘ABC’) measures

While the United States has had anti-bribery legislation since 1977, the global effort to fight
MODULE 3
bribery effectively began in November 1997 when Organisation for Economic Cooperation
and Development (OECD) member countries and five non-member countries adopted
the Convention on Combating Bribery of Foreign Public Officials in International Business
Transactions (the OECD Convention).
The convention came into force on 15 February 1999 and, as at May 2014, a total of 41 countries,
all 34 OECD member countries and seven non-members (Argentina, Brazil, Bulgaria, Colombia,
Latvia, Russia, and South Africa) are parties to the convention (OECD 2014).
You can read about the background and history of the OECD Anti-Bribery Convention at:
http://www.oecd.org/corruption/oecdantibriberyconvention.htm; and
http://www.oecd.org/daf/anti-bribery/ConvCombatBribery_ENG.pdf.
Following adoption of the OECD Convention, the United Nations adopted its own Convention
against Corruption (UNCAC) in October 2003 (United Nations 2004) which, by September 2015,
had been signed by 177 countries.
There has been an increased focus on anti-bribery measures in Australia in recent years,
particularly since 2011. This increased focus has resulted from the introduction of the UK Bribery
Act in 2010 and the prosecution of a number of Australian corporations and individuals in
connection with the Securency case outlined in Example 3.12.
There are a number of measures that can be used to prevent bribery, including:
• legislative;
• enforcement; and
• compliance mechanisms.
Legislative mechanisms include both ‘hard law’ (binding legislative requirements) and
‘soft law’ (non-legislative pronouncements intended as guidance to for-profit organisations
and governments).
Study guide | 255
The hard law mechanisms are country-specific laws against bribery within that jurisdiction and
extraterritorial laws aimed at criminalising domestic entities engaging in corrupt practices
in foreign jurisdictions, such as the US FCPA. The soft law mechanisms include the UNCAC,
the OECD Convention and activities by Non-Governmental Organisations (commonly referred
to as ‘NGOs’) such as Transparency International.
With respect to enforcement, there are many agencies who are active in investigating potential
breaches of anti-bribery legislation, such as (in the United States) the Department of Justice,
the Securities and Exchange Commission and the Federal Bureau of Investigations, and
(in Australia) the Australian Federal Police and the Australian Crime Commission.
There are currently a number of anti-bribery legislative regimes that Australian corporations,
government agencies and other entities must with comply with. Compliance with each of the
following pieces of legislation, as appropriate to the jurisdictions in which a corporation or
other entity operates, is seen as the first line of defence in combatting international corruption:
• Foreign Corrupt Practices Act 1977 (United States);
• Criminal Code Act 1995 (Australia); and
• Bribery Act 2010 (United Kingdom).
The following is a short summary of each of these enactments.
FCPA 1977 (United States)

The FCPA 1977 (United States) ‘was enacted for the purpose of making it unlawful for certain
classes of persons and entities to make payments to foreign government officials to assist
in obtaining or retaining business’ (U.S. Department of Justice 2015).
MODULE 3
Since 1977, the anti-bribery provisions of the FCPA have applied to all US persons and
certain foreign issuers of US securities. With the enactment of certain amendments in 1998,
‘the anti‑bribery provisions of the FCPA now also apply to foreign firms and persons who
cause, directly or through agents, an act in furtherance of such a corrupt payment to take place
within the territory of the United States’ (U.S. Department of Justice 2015). Some of the largest
FCPA corporate cases prosecuted have involved non-US companies such as Siemens. The US
government continues to actively pursue non-US companies and individuals.
The FCPA also requires companies whose securities are listed in the United States to meet its
accounting provisions. These accounting provisions, which were designed to operate in tandem
with the anti-bribery provisions of the FCPA, require corporations covered by the provisions to:
(a) make and keep books and records that accurately and fairly reflect the transactions of the
corporation; and
(b) devise and maintain an adequate system of internal accounting controls (U.S. Department of
Justice 2015).
Penalties for individuals who breach the FCPA including the accounting provisions, include fines
of up to USD 5 million and imprisonment for up to 20 years. For corporations and other business
entities, fines of up to USD 25 million are available to the courts. Under the Alternative Fines Act,
courts may impose significantly higher fines than those provided by the FCPA including up to
twice the benefit that the defendant obtained by making the corrupt payment.
For more information see http://www.justice.gov/criminal-fraud/foreign-corrupt-practices-act/; and

http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf.
Criminal Code Act (Australia)

The Criminal Code Act 1995 (Cwlth) is the core crimes legislation of the Australian Government.
It is the source of criminal law in so far as it relates to Commonwealth offences (either offences
against the Commonwealth or offences that are subject to prosecution by a federal department
or prosecutorial agency).
Australia does not have a Foreign Corrupt Practices Act (like the United States does); instead,
the Criminal Code Act was amended by the proclamation of Criminal Code Amendment
(Bribery Of Foreign Public Officials) Act 1999 (Cwlth). This amendment Act is known informally
as the Bribery of Foreign Public Officials Act. It criminalises bribery payments that are made to
a public official where the aim is to illegitimately acquire some business advantage. The foreign
bribery provisions of the Criminal Code Act are found in Division 70 of the Act.
Penalties for individuals who breach the bribery provisions of the Australian Criminal Code
Act include imprisonment of not more than 10 years, a fine not more than 10 000 penalty units
(one penalty unit is currently equivalent to AUD 180) or both the imprisonment and a fine.
Penalties for corporations include a range of sentencing fine options up to, whichever is the
greater of:
• 100 000 penalty units (currently AUD 18 million);
• three times the value of the benefits derived by the corporation (where this can be
determined); or
• 10 per cent of annual turnover during the 12 months ending in the month the offence occurred.
The Australian Government has been criticised by the OECD for its lack of enforcement of anti
bribery laws. According to a 2011 survey of 88 company executives undertaken by Baker &
MODULE 3
McKenzie LLP, 64 per cent felt that Australian laws were not adequately enforced (Schneider 2011).
As of November 2011, Australia had only prosecuted one case, charging Reserve Bank of
Australia’s units Securency International Pty Ltd and Note Printing Australia Ltd, as well
as employees at the companies, for corrupt payments to obtain banknote printing contracts
(as discussed in Example 3.12). Other cases, such as the Australian Wheat Board (AWB) ‘oil-for-
food scandal’, were investigated and, in the case of AWB, subject to a Royal Commission of
Inquiry (as discussed in Example 3.9).
See https://www.comlaw.gov.au/Details/C2015C00507/Download for a copy of the Australian

Criminal Code Act 1995.
Bribery Act 2010 (United Kingdom)

The Bribery Act 2010 (United Kingdom) is similar in scope and application to the US FCPA.
It makes it illegal for a person to ‘influence a foreign public official with the intent to obtain or
retain business an advantage in the conduct of business’ (Bribery Act 2010, c. 23, s. 6).
Under Section 7, a ‘relevant commercial organisation’ also commits an offence if a person

associated with it pays a bribe for the purpose of obtaining or retaining business for the
organisation or obtaining or retaining an advantage in the conduct of the business. It is a
defence for the ‘relevant commercial organisation’ to prove that it had in place adequate
procedures designed to prevent persons associated with it from undertaking such
conduct. A ‘relevant commercial organisation’ is defined as ‘any other body corporate,
wherever incorporated, which carries on a business, or part of a business, in any part of the
United Kingdom’ (s. 7).
Study guide | 257
Penalties for individuals and corporations who breach the UK Bribery Act are severe with individuals
liable to imprisonment for up to 10 years and/or a fine and for corporations a substantial fine
(from April 2015, the fines that can be imposed for offences under the Bribery Act are ‘unlimited’).
For more information see http://www.legislation.gov.uk/ukpga/2010/23/contents.
It follows from a reading of the provisions of Section 7 that corporations need to be more
‘proactive’ than ‘reactive’ in their anti-bribery response if they are a ‘relevant commercial
organisation’, in effect, if they do business in the United Kingdom. If they fail to take proactive
steps aimed at implementing ‘adequate procedures designed to prevent persons associated
with it from undertaking such conduct’ they may be criminally liable for the conduct of their
people who are involved in bribing foreign officials. An overview of those steps is set out later
in this module.
Comparing Australian, US and UK legislation

It is interesting to consider the differences between the Australian, US and UK anti-bribery
legislation. While all three outlaw bribery of foreign public officials, only the UK Bribery Act
outlaws non-public official bribery (in other words private-to-private bribery).
Only the UK legislation makes it illegal to receive a bribe. Previously, the US FCPA permitted
so-called ‘facilitation payments’, as does the Australian legislation. A ‘facilitation payment’
is defined in the criminal code as a payment that is of nominal value, paid for the sole or
predominant purpose of expediting a minor routine action that is documented by the payer
of the facilitation payment.
MODULE 3
The facilitation payment provisions have now been reversed in the United States so that,
consistent with the UK legislation, facilitation payments as well as bribes are banned. Australian
legislation still permits facilitation payments.
Fines in the UK legislation are unlimited whereas there is a cap in the US and Australian
legislation. All three jurisdictions permit fines linked to the benefit that has been generated
for the organisation by the payment of bribes.
Example 3.18: Alcatel-Lucent

A significant case of foreign bribery occurred in relation to bribes paid by French telecommunications
giant Alcatel-Lucent to foreign government officials to win business in Costa Rica, Honduras, Malaysia
and Taiwan between 2001 and 2006.
The 2010 case is a good example of where the corrupt transactions would have been rendered less
likely to occur had Alcatel-Lucent complied with relevant anti-bribery legislation.
Alcatel-Lucent’s subsidiaries used a network of consultants to channel bribes worth more than
USD 8 million to government officials to obtain or retain telecommunications and other contracts.
Alcatel-Lucent agreed to pay more than USD 45 million to settle the charges and to pay an additional
USD 92 million to settle criminal charges by the U.S. Department of Justice.
‘Alcatel and its subsidiaries failed to detect or investigate numerous red flags suggesting their
employees were directing sham consultants to provide gifts and payments to foreign government
officials to illegally win business,’ said Robert Khuzami, Director of the SEC’s Division of Enforcement.
‘Alcatel’s bribery scheme was the product of a lax corporate control environment at the company.
Source: U.S. Securities and Exchange Commission 2010, ‘SEC charges Alcatel-Lucent with FCPA
violations’, Media release, accessed July 2015, http://www.sec.gov/news/press/2010/2010-258.htm.
Anti-corruption compliance and prevention programs

The FCPA (US), the Australian Criminal Code Act and the UK Bribery Act all impose broadly
similar requirements on corporations and other organisations domiciled in or doing business
in relevant jurisdictions. They impose prescriptive compliance requirements in each case and
provide for prosecution of the individuals and indeed, in certain circumstances, the corporations
to which those individuals are attached, if bribery of a foreign official is proved (and in the case
of the UK Bribery Act, private sector bribery).
It is clear that corporations and other organisations operating globally need to take a proactive
approach to foreign bribery for two reasons. Firstly, they need to ensure that their corporate
reputation is not tarnished by the negative publicity associated with discovery of foreign bribery
and, secondly, they need to ensure that they can demonstrate that they have implemented
systems and controls that are likely to be effective in preventing bribery in order to provide an
effective defence against charges that the organisation itself committed an offence through to
conduct of one or more of its personnel.
Guidelines for the prevention of bribery under the UK Bribery Act

Following the proclamation of the UK Bribery Act, the UK Ministry of Justice issued a booklet
titled The Bribery Act 2010 – Guidance about Procedures which Relevant Commercial
Organisation Can Put into Place to Prevent Persons Associated with Them from Bribing.
This booklet provides guidance on the measures that can be taken by organisations seeking
to provide a robust anti-bribery program. There are six principles espoused in these guidelines:
Principle 1 – Proportionate procedures

Principle 2 – Top-level commitment
MODULE 3
Principle 3 – Risk assessment

Principle 4 – Due diligence
Principle 5 – Communications (including training)
Principle 6 – Monitoring and review
These principles serve as useful guide for measures that should and could be taken by
organisations seeking to manage the risk of bribery in their international operations particularly
when there are concerns about complying with the Bribery Act (UK).
For further detail about the six principles of the UK Ministry of Justice anti-bribery guidelines see:
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/181762/bribery-act-
2010-guidance.pdf.
The U.S. Department of Justice and Securities and Exchange Commission has issued its Resource
Guide to the U.S. Foreign Corrupt Practices Act. In this guide, the section ‘Hallmarks of Effective
Compliance Programs’ sets out anti-bribery guidelines and these are in line with those of the
United Kingdom.
The US Resources Guide provides guidance on how organisations operating internationally

can ensure compliance with the FCPA and reduce the risk of foreign bribery. While it is aimed
at ensuring compliance with the FCPA, the guidelines are considered equally applicable in
complying with similar legislation in other jurisdictions. The 10 guidelines are set out below
together with the main features of each guideline.
Study guide | 259
Table 3.8: Guidelines for compliance with the FCPA
Commitment from Senior • Boards and senior executive to set ‘proper tone’ for the company
Management and a • Commitment to culture of compliance that is reinforced internally
Clearly Articulated Policy • Avoid compliance programs that are ‘strong on paper’ but are not
Against Corruption implemented often due to a culture of aggressive sales personnel
preventing compliance personnel from doing their job
• Compliance fails when companies choose ‘profit’ over ‘compliance’
Code of Conduct and • Most effective Codes of Conduct are ‘clear, concise and accessible to
Compliance Policies all employees’
and Procedures • Need to ensure that the code is current and effective
• Policies and procedures must set out compliance responsibilities,
internal controls, auditing and documentation
Oversight, Autonomy, • Responsibility assigned for oversight and implementation of the

and Resources compliance program
• This responsibility to be assigned to a senior executive with appropriate
authority with sufficient resources to ensure that the compliance program
is implemented effectively
Risk Assessment • Organisations need to have an appropriate risk assessment program

• Avoid spending disproportionate amount of time on policing modest
entertainment / gift giving—the focus needs to be on large government
bids, questionable payments to third-party consultants, discounts etc.
• Organisation needs to change procedures as risk increases—change
periodic audits, compliance procedures and due diligence on
international transactions
• Factors to consider include: the country / industry sector, the
MODULE 3
business opportunity, potential business partners, level of
involvement with government
Training and • Compliance program must be communicated effectively throughout

Continuing Advice the company
• Should include periodic training and certification for all directors,
officers and relevant employees structured so that it is appropriate
for the target audience
• Training to include real-life scenarios
Incentives and • Appropriate and clear disciplinary procedures that are applied reliably
Disciplinary Measures and promptly
• Publicising disciplinary action can have a deterrent effect
• Positive incentives can also drive compliant behaviour (e.g. personal
evaluations, promotions, rewards for improving and developing the
compliance program, rewards for ethics and compliance leadership)
• Reward ‘doing the right thing’
Third-Party Due Diligence • Risk based due diligence

and Payments • Understand the qualifications and associations of third-party partners
including business reputation and relationships with foreign officials
• Understand the business rationale for including a third party (e.g. a
local agent) in a transaction
• Ongoing monitoring of third party relationships
• Inform third parties of the compliance program and seek assurances where
appropriate from third parties that they are in compliance with that program
Confidential Reporting • Mechanism for employees and others to report suspected or actual
and Internal Investigation misconduct or violations of the company’s policies
• Once an allegation is made, companies should have in place efficient and
reliable investigation processes
• Leverage from the ‘lessons learned’ through the investigation of reported
violations.
Continuous • Constantly evolving compliance program

Improvement: Periodic • Program for regular review and improvement—not allow them to
Testing and Review ‘become stale’
Mergers and Acquisitions: • Important for a company to carry out appropriate due diligence at the
Pre-Acquisition Due time of a merger or acquisition
Diligence and Post- • Lack of due diligence may mean that corrupt practices present in the
Acquisition Integration local entity will continue following the transaction
Source: Adapted from U.S. Department of Justice and SEC 2012 ‘A Resource Guide to the U.S. Foreign
Corrupt Practices Act’, accessed November 2015,
http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf.
Other anti-corruption guidance

Section 3.10 of AS 8001–2008 Fraud and Corruption Control includes provisions dealing
specifically with controlling the risk of corruption. AS 8001–2008 provides that:
Specific measures to be included in an anti-corruption program should include:
• a program for corruption resistance wherein the entity makes a strong anti-corruption
statement (in terms of both incoming and outgoing corrupt conduct) which is properly
communicated and then consistently applied throughout the entity;
• implementing a policy of personnel rotation so that improper relationships are less likely
to develop;
• consideration of requiring ‘vendor audits’ of ‘high-risk’ providers;
• enhanced probity and contracting procedures;
MODULE 3
• opening channels of communication within the entity so that employees have a range of
alternative avenues for reporting concerns in relation to possible corrupt conduct; and
• opening channels of communication with customers, vendors and other third parties aimed
at encouraging those parties to come forward if there is an indication of corrupt conduct
involving the entity or any person associated with the entity (AS 8001–2008).
AS 8001–2008 also refers to Business Principles for Countering Bribery published by Transparency
International. The 2013 edition of this document sets out the key anti-bribery principles:
• developing business principles for anti-bribery within the organisation;
• developing a program for countering bribery;
• risk assessment;
• establishing the scope of the anti-bribery program; and
• establishing program implementation requirements (Transparency International 2013, p. 6).
Summary
Fraud and corruption prevention is generally not done well. A sense of complacency often
permeates the business community—proactive measures are typically implemented only in
response to a major incident. Organisations should consider whether they do have an exposure
to fraud and corruption and, if so, objectively consider the potential damage that could be done.
If there is an exposure to fraud and corruption, the fraud prevention measures set out in this
module could be implemented. CPA Australia members have a role in working with their clients
and employers to determine whether there is an exposure to fraud and corruption, and whether
a program for management of the fraud and corruption risk is warranted.
Study guide | 261
Review
This module provided an overview of the range of business crimes encountered by businesses
and government agencies, and discussed how forensic accountants are being engaged to assist
in the investigation, detection and prevention of such activity.
First, we looked at how forensic accounting is now an established separate discipline and how
APES 215 has been issued to assist practitioners. We noted that tertiary education in forensic
accounting is becoming more widely offered by universities and colleges, while many major
accounting firms now contain specialist forensic divisions. The role of ‘forensic accounting’ is
seen as a relatively new, but now well-established, discipline within the accounting profession.
We also highlighted the important point that an accountant does not need to be a ‘forensic
accounting’ specialist to be bound by the provisions of APES 215—any accountant who is
member of a professional body that has adopted this standard (including CPA Australia) and
who is delivering any of the services described in APES 215 is subject to that standard and must
comply with its requirements.
We then covered the concept of ‘business crime’ and its impact on victim organisations.
Business crime can have a major effect on businesses and in some cases even cause a business
to fail.
The next section discussed how the forensic accountant can help clients to investigate business
crimes. It covered ways of detecting business crime and how the risks can be more effectively
managed. We highlighted that one of the key aspects of all forensic accounting assignments
is a focus on evidence, where the forensic accountant is primarily concerned with gathering,
MODULE 3
securing and analysing evidence relevant to a business crime investigation and then presenting
the outcome of this work as clearly as possible.
We reinforced that in carrying out assignments in this area of practice, accountants are bound
by the relevant professional standard (APES 215) and a variety of legal requirements, including
the rules of evidence. We then discussed how the expert witness guidelines of the various
courts make it clear that forensic accountants are servants of the court when giving evidence
and must recognise at all times their paramount duty to the court as distinct from the client who
appointed them. Their reports for courts and clients must, in order to be effective, conform to
the principles of accuracy, clarity, independence, assumptions and relevance, and be properly
referenced. In addition, the module considered the need for an appropriate investigator licence
in certain situations.
The next section discussed fraud detection. We noted that, traditionally, business has been quite
reactive to the issue of fraud and corruption. We discussed a range of tools and techniques that
can be used to help detect fraud in a timely fashion, enabling incidents to be identified earlier.
Finally, we looked at business crime prevention. We mentioned that fraud and corruption
prevention is something that is generally not done well. We discussed how organisations should
consider whether they have an exposure to fraud and corruption and, if so, objectively consider
the potential damage. If there is an exposure, the fraud prevention measures set out in this
module could be implemented.
MODULE 3
Suggested answers | 263
Suggested answers
Suggested answers
Question 3.1
(a) Failing to detect fraud early has a dramatic impact on the total loss for organisations.
The longer the fraud continues, the greater the loss, as shown in Figure 9 in the ACFE report.
The implication of this is that a perpetrator of workplace fraud will continue to offend until
MODULE 3
they are caught. For example (looking at Figure 9), the median fraud loss from incidents
picked up in less than seven months was only $50 000, while the median loss from incidents
picked up in 61 months or more was $965 000. It is interesting to note the linear progression
of the median loss between those extremes. As the report notes, ‘the longer frauds were
able to go undetected, the more costly they become’ (ACFE 2014, p. 16).
(b) External audit was involved in detecting only 3 per cent of detected fraud cases (i.e. not 3%
of cases that actuall y occur). This compares with 3.3 per cent in 2012 and 4.6 per cent in
2010. This contrasts with the expectation of some people in business that an external audit
will be effective in detecting fraud.
(c)
Table SA 3.1: Most common means of fraud detection in a selection of regions
Country/region Means of fraud detection
United States Tip, management review, internal audit
Sub-Saharan Africa Tip, management review, internal audit
Asia–Pacific Tip, management review, internal audit
Western Europe Tip, management review, internal audit
Eastern Europe and Western Central Asia Tip, management review, internal audit
Canada Tip, management review, accident/account reconciliation
Latin America and the Caribbean Tip, management review, internal audit
Southern Asia Tip, management review, internal audit
Middle East and North Africa Tip, management review, internal audit
It is interesting to note that, consistently across the world, the most commonly reported
means by which workplace fraud is detected is via ‘tips’.
(d) The sectors with the highest rate of detected internal fraud are banking and financial
services (17% of the total number of cases reported) followed by government and public
administration (10.3%). It is unsurprising that banking and financial services have a higher
rate of internally instigated fraud given the volume and accessibility of funds in that sector
relative to other sectors.
(e) You should consider the data applicable to your own industry sector; however, data for a
selection of sectors is provided in Table SA 3.2.
Table SA 3.2: Most common types of fraud in a selection of sectors
Sector Two most common types of fraud
Banking and Financial Services Corruption, cash on hand
Government and Public Administration Corruption, billing
Health Care Corruption, billing
Education Corruption, billing
Insurance Corruption, skimming
(f) The report found that organisations rely heavily on an external audit of financial statements
to identify fraud, with 81.4 per cent of organisations saying that this is one of their fraud
MODULE 3
detection strategies. This is in contrast to the very low rate of fraud detection by the external
audit process. Other fraud detection strategies include having a code of conduct (77.4%) and
having an internal audit department. From Figure 26 in the ACFE report, it is clear that many
organisations have multiple strategies in place aimed at detecting workplace fraud.
(g) The survey does not provide the profile of a typical fraudster but we are able to build our own
profile based on the highest frequency of each of the available parameters, which shows:
–– male (66.8%);
–– aged 41 to 45 years (frequency rather than value) (18.1%);
–– employed in the accounting department (17.4%);
–– non-management employee (frequency) (42%);
–– 12 months to detect the fraud (for non-management employee);
–– acting alone (54.9%);
–– involved in corruption of billing (false invoicing) schemes (around 22% each);
–– in role for between one and five years (40.7%);
–– no prior criminal history (86.6%); and
–– exhibiting signs of living beyond their means (43.3%).
(h) Males are more commonly associated with workplace fraud incidents according to the
survey, with 66.8 per cent of offenders being male (this is consistent with the other Report
to the Nations surveys published in recent years). Representation of males in fraud cases
varies across different regions. Males also are responsible for a higher median value of loss,
which is in part due to a higher proportion of males who commit fraud being in management
or owner/executive positions. Males also exhibit different behavioural red flags than females,
with fewer males than females committing fraud because of financial difficulties.
Question 3.2
(a) The Australian Institute of Criminology table shows a steady decline in the rates of reported
fraud over the last 10 years, but for the first time since 2004–05, there was an increase in
reported rates in 2011–12. The survey notes that the increase in 2011–2012 may be due to
‘changes to counting rules rather than an increase in reported offences’ (AIC 2014, p. 35).
This decline over the last 10 years (other than 2011–12) is at odds with recent estimates and
surveys, which all talk about an increase in fraud not a decrease. It is arguable that the decline
in reporting rates is just that—a decline in the rate of fraud reported rather than a decline in
the number of cases.
(b) Depending on the jurisdiction, reporting fraud to the police or other law enforcement
agencies may not be mandatory. That leaves open the question of whether business is less
inclined to report such matters to law enforcement than it once was. Some of the reasons
why business crime victims may be inclined not to report business crimes to law enforcement
agencies are as follows:
–– a wish to avoid negative publicity;
–– a sense that the organisation has nothing to gain;
–– fears that the investigation will involve the organisation unduly in a protracted legal
proceeding; and
–– fears that criminal action against the perpetrator will adversely affect any civil
proceedings taken by the victim.
(c) The report notes that ‘Fraud is believed to be one of the most under-reported offences,
with fewer than 50 percent of incidents being reported to police or other authorities’
(AIC 2014, p. 34). This is similar to the data set out in the Report to the Nations on
MODULE 3
Occupational Fraud and Abuse (ACFE 2014).
Question 3.3
The forensic accountant investigating a business crime, such as bribery and corruption,
is focused on capturing and analysing evidence. This will involve:
• searching for and capturing relevant evidence;
• identifying witnesses to interview;
• interviewing witnesses;
• analysing bank records (both in terms of potential payer and potential receivers
of bribe payments);
• reviewing electronic communications;
• reviewing social media to look for relationships between the various parties;
• preparing relationship charts;
• analysing all evidence (including the oral evidence of witnesses); and
• reporting.
Question 3.4
There are a number of controls and initiatives that organisations can take to counter the risks of
corruption:
• develop and implement a corruption control plan;
• develop and implement a communication program;
• enhance probity and contracting procedures;
• install a program of alternative avenues for reporting suspicions of corruption; and
• open channels of communication with customers, vendors and other third parties.
In relation to enhanced probity and contracting procedures, organisations should ensure that
they have a policy of rotation so that their personnel do not establish an improper association
with a supplier, customer or other business partner through an association that has continued for
too long.
Question 3.5
(a) The objective of money laundering is to enable people with a beneficial interest in the
proceeds of criminal activity to enjoy the fruits of their criminal conduct while at the same
time satisfactorily accounting for the source of those funds to government investigation and
regulatory bodies. Without money laundering, the proceeds of large criminal activity would
not be available to the criminals who generated it as they would not be able to demonstrate
the legitimacy of the income.
MODULE 3
(b) Investigations could include:

–– examining the bank records of the subject of the investigation;
–– examining the bank records of a business entity used as a vehicle to launder criminal
proceeds;
–– considering legitimate sources of income of the subject of the investigation; and
–– preparing an asset betterment statement (see later in this module) aimed at identifying
an increase in assets that cannot be accounted for by income from legitimate sources.
Question 3.6
(a) There would be a chain of records and documents held by the company, and which are the
property of the company, that can be sourced for analysis. These would include:
–– accounting records disclosing the services rendered and the subsequent billing history
of the company to the client(s); and
–– accounting records of payments received from the client company, including bank
statements of the company.
These internal company records can be analysed to find out, by careful reconciliation,
the correct level of billing to the client and the correct level of payments received—allowing
for an accurate calculation of any difference.
Assuming the client company is willing to assist in the investigation, that entity should
be able to provide copies of their records showing receipt of bills and their payments.
Matching these records would disclose funds:
–– yet to be paid;
–– paid and received; and
–– paid and not received by your client.
These records would normally be made available to the investigator on request.
It then may be necessary to seek a court order to obtain the banking records of the
employee. This may be possible in a situation where you are able to gather sufficient
evidence to present to a court.
(b) Other sources of evidence you may seek could be:

–– information gained through interviews with the staff member and other employees;
–– computer-based data from computers operated by the employee at your client company;
–– computer-based data from the computer of the employee (subject to a court order); and
–– telephone records held by the company for telephones used by the employee.
Question 3.7
The Analyst’s Notebook software program would assist in preparing a forensic accountant’s
report in a business crime investigation by showing:
• relationships between individuals, corporations and other parties;
• timelines of events; and
• movement of funds between various relevant parties.
Question 3.8
Payroll fraud presents accounting anomalies such as:
MODULE 3
• casual staff who have not worked for some time suddenly being included on the payroll;
• salary and wages for more than one employee being paid into a common account;
• alterations to time sheets or other payroll records to show more hours worked;
• alterations to hourly rates; and
• unusual claims for higher-duties allowances.
Question 3.9
Horizontal analysis
• In Year 2 there has been an 80 per cent increase in sales—this would seem to be a dramatic
increase in sales volume in one year.
• At the same time, the cost of goods sold (COGS) has increased by 140 per cent—it would be
worthwhile making inquiries about why the increase in COGS is out of step with the increase
in sales (you would expect them to be similar).
This could indicate:

• understated sales volume;
• overstated sales volume;
• theft of inventory; or
• false invoicing (payment for inventory not received).
However, it could also be due to other non-integrity related matters—for example, a price
reduction in order to compete in the market or obsolete inventory being written off.
Vertical analysis
• Cost of goods as a ratio of sales volume is very high in this business for both Year 1
and Year 2 (50% and 67% respectively relative to an industry average of 42% of sales)—
this variation would need to be investigated and accounted for.
• Selling and administration expenses appear to be quite high relative to the industry average.
Vertical analysis shows unusual variations in COGS, which are worthy of further investigation.
The potential fraud types are the same as for the horizontal analysis. Higher than expected
selling and administration expenses as a proportion of sales could indicate manipulation,
such as false invoices for services associated with these functions. But again, there may be
other legitimate reasons for the apparent anomalies.
Question 3.10
Accounts payable/procurement fraud (otherwise referred to as false invoicing) is a commonly
encountered workplace fraud. It is important to consider the risks in all their variations to ensure
that an accurate assessment of the risks confronting the business can be achieved. So, for example,
when conducting a fraud risk assessment, the risk would not be limited to a generic ‘accounts
payable fraud’—it would need to include as many of the variations as listed below that apply to
the business under review.
• False invoicing—in collusion with a genuine supplier—generating an invoice for:

–– inventory not provided;
–– non-inventory goods or services not provided.
MODULE 3
• False invoicing—someone masquerading as a genuine supplier—generating an invoice for:

• False invoicing—bogus supplier—generating an invoice for:
• Fraudulent undersupply of ordered inventory by the supplier.
• Corrupt relationship with suppliers:
–– inventory; and
–– non-inventory.
Case Study 3.1

(a) Yes, there are grounds for investigating the matter:
–– cost blowouts on capital projects of this size (21% spend over budget) should always ring
alarm bells and by itself would provide adequate justification for an investigation; and
–– the relationship between the Director and Business Manager (brothers-in-law) and the
circumstances surrounding the appointment of the Business Manager may raise concerns
in the context of the cost blowout and the poor responses from the Director to questions
from the board.
(b) You could:

–– inspect the capital works to gain an overview of the size of the project (or appoint an
agent in KL to do this on your behalf);
–– conduct public record searches in Malaysia of Ampang and Bunga bin Kartika—consider
any potential relationships with members of the KL management team (particularly the
Director and the Business Manager) and Bunga bin Kartika and Ampang;
–– review project files to understand all contractors and advisers involved on the project;
–– review correspondence between Bunga bin Kartika/Ampang and Lew Guangli and
Yong Huojin; and
–– assess the adequacy of project management.
Case Study 3.2

(a) Data analysis that could be done to identify transactions for further investigation includes:
–– capturing all accounts payable data and online banking data, and migrating all data to a
single spreadsheet;
–– if possible, capturing data dealing with the other quotations for the capital project
received by Midland prior to the appointment of Ampang;
–– capturing the master file data in relation to the vendor Ampang;
–– determining if there are any irregularities in relation to payments made to Ampang
(i.e. confirming all payments have been transferred to the same account, confirming that
the payments accord with the claims made by Ampang);
–– examining the vendor masterfile audit log to determine if there are any irregularities with
regard to the bank account number (e.g. rapid changes);
MODULE 3
–– if there have been changes, considering whether any of the additional account numbers
are ‘known’ to Midland (either another vendor or an employee);
–– assessing the value of all variations to test the assertion by the whistleblower that
variation payments have been split; and
–– if the data is available, identifying the personnel who processed and authorised the
variation payments.
(b) Phase 1: Briefing

–– Meet with the board to understand the objectives for the investigation.
–– Identify clear reporting relationships for the investigation.
–– Document objectives and scope in writing with the board.

–– Consider the number of resources required (in the preliminary phase and then for the
substantive phase).
–– Consider external resources that may be required (e.g. forensic technology specialist,
building and construction specialist).
–– Develop an investigation plan that is agreed with board.
–– Set milestones.
Phase 3: Building a profile

–– Conduct publicly available searches on parties associated with the builder in Malaysia
(Ampang and all directors, shareholders and employees) and the Director (and possibly
the Business Manager).
–– Public record search would include:
|| company searches;
|| bankruptcy;
|| land titles; and
|| social media (e.g. LinkedIn, Facebook).

–– Capture the capital project file.
–– Capture the KL operation’s banking records showing payments to Ampang.
–– Capture accounts payable records.
–– Capture laptop computers and mail accounts of relevant Midland KL personnel.
–– Consider consensual delivery of documentation from other parties and, failing this,
consider court orders for discovery, non-party discovery, search orders, etc.
–– Consider building work done on the Director’s own property and how to determine the
builder who worked on that property (through the local planning authority for example—
e.g. building permits etc.).

–– Review each payment to Ampang and confirm that the documentation is in accordance
with the claim submitted.
–– Isolate claims for variations.
–– Consider and assess variations.
–– Review Midland personnel involved in reviewing and approving payments to Ampang.
–– Identify any improper relationships from examination of digital evidence.
Phase 6: Reporting
–– Report of findings to be in accordance with the requirements of APES 215 and having
regard to the fact that the matter is likely to be heard in the Malaysian legal system.
–– The report must set out quantification of any loss and the evidence gathered and
examined that supports that calculation.
–– Consider reporting any findings to law enforcement agencies in Malaysia.
–– Consider Midland’s options for further action and include these in the report.
MODULE 3
Case Study 3.3

Consideration would be given to obtaining the following evidence using the approaches listed
in Table SA 3.3.
Table SA 3.3: Legal avenues for gathering further evidence
Evidence Approach
All Midland KL campus records including capital This should all be freely accessible from KL.
project files, tender evaluation files, payment
records, invoices, correspondence
Email accounts of the Director and Business This should all be freely accessible from KL.
Manager and the laptop computers and smart
phones for each
Banking records of the Director You would attempt to obtain these voluntarily.
Failing this you would consider seeking an order
of the court for non-party discovery against the
Director’s banker.
Evidence in relation to the work done on the You would attempt to obtain these voluntarily.
Director’s own premises Failing this you would consider seeking an order
of the court for non-party discovery against
the Director.
Note: This would be done as part of ‘Phase 4: Gathering and securing evidence’ as mentioned in
Case Study 3.2.
Case Study 3.4

(a) The relevant evidence currently is as follows:
–– There have been major cost blowouts on the capital project for the construction of the
International Business campus in KL.
–– Many of the cost blowouts have arisen from ‘variations’.
–– There are unusual features for the processing of the claims for variations.
–– The Director has assured the board that the project was being delivered in accordance
with the budget—which does not appear now to be correct.
–– The Director is redeveloping his own residence—which commenced shortly after
the start of the KL construction project.
–– There has been apparent favoured treatment to the winning tenderer for the
capital project.
On the basis of this evidence, it appears that there are possible kickbacks being paid to the
Director by the builder of the KL campus. It appears that there is a need for:
–– a complete investigation into the matter;
–– suspension of the Director pending the outcome of the investigation;
–– commencement of legal proceedings in order to obtain orders for discovery, etc. from
the Malaysian courts; and
–– reporting of the matter to the Malaysian police.
(b) As mentioned, there is a case for involving the police on the basis of the available evidence.
As any offences occurred in Malaysia, there will be difficulties associated with preparing the
case from New Zealand. This may be a factor in whether Midland is prepared proceed with a
police report.
MODULE 3
On the assumption that a decision is made to report the matter to the Malaysian police,
the following is a summary of how the reporting would be structured:
–– case summary;
–– list of witnesses;
–– witness statements (or affidavits) in legally admissible form as required in each
jurisdiction—including the statements of the informant (if relevant) and investigators
at the end of all witness statements;
–– transcripts of interviews or other documentation evidencing the interview with the
person charged;
–– list of exhibits;
–– copies of exhibits; and
–– diagrammatic representation of the evidence.
MODULE 3
References | 273
References
References
Accounting Professional & Ethical Standards Board 2013, APES 215 Forensic Accounting
Services, accessed August 2015, http://www.apesb.org.au/uploads/standards/apesb_
standards/13092014103232p1.pdf.
Albrecht, W. S., Albrecht, C. O., Albrecht, C. C. & Zimbelman, M. F. 2014, Fraud Examination,
5th edn, South-Western Cengage Learning, Mason, Ohio.
MODULE 3
Allsop, J. 2013, ‘Expert witnesses in proceedings in the Federal Court of Australia—Practice
Note CM 7’, Federal Court of Australia, accessed July 2015, http://www.fedcourt.gov.au/law-and-
practice/practice-documents/practice-notes/cm7.
Association of Certified Fraud Examiners (ACFE) 2014, Report to the Nations on Occupational
Fraud and Abuse—2014 Global Fraud Study, accessed August 2015, http://www.acfe.com/rttn/
docs/2014-report-to-nations.pdf.
Attorney-General’s Department 2006, ‘Inquiry into certain Australian companies in relation

to the UN Oil-For-Food Programme’, accessed August 2014, https://web.archive.org/
web/20150227210237/http://www.oilforfoodinquiry.gov.au.
Australian Bureau of Statistics 2012, Personal Fraud, 2010–2011, cat. no. 4528.0, accessed August
2015, http://www.abs.gov.au/ausstats/abs@.nsf/mf/4528.0.
Australian Crime Commission (ACC) 2013, ‘Financial crimes’, accessed August 2015, https://www.
crimecommission.gov.au/sites/default/files/FINANCIAL%20CRIMES%20JULY%202013.pdf.
Australian Institute of Criminology (AIC) 2014, Australian Crime: Facts & Figures: 2013, accessed
August 2015, http://aic.gov.au/publications/current%20series/facts/1-20/2012/2_profiles.html.
Australian Payments Clearing Association (APCA) 2014, Australian Payments Fraud Details and
Data, accessed August 2015, http://www.apca.com.au/docs/fraud-statistics/Australian-payments-
fraud-details-and-data-2014.pdf.
Australian Securities & Investments Commission (ASIC) 2014, ASIC Enforcement Outcomes:
July to December 2013, Report 383, pp. 32–3, accessed August 2015, http://download.asic.gov.
au/media/1344494/rep383-published-11-February-2014.pdf.
Baker, R. & McKenzie, N. 2012 ‘Guilty plea in RBA scandal’, Sydney Morning Herald, accessed
July 2015, http://www.smh.com.au/federal-politics/political-news/guilty-plea-in-rba-scandal-
20120718-22ap8.html#ixzz3gHmSVj5X.
Cleveland, M., Favo, C. M., Frecka, F. J. & Owens, C. L. 2009, ‘Trends in the international fight
against bribery and corruption’ Journal of Business Ethics, vol. 90, issue 2, pp. 199–244.
Commercial Agents and Private Inquiry Agents Act, 2004 (NSW), s. 4.
Cressey, D. R. 1973, Other People’s Money, Patterson Smith, Montclair, New Jersey.
Crumbley, D. & Apostolou, N. 2007, ‘America’s first (and most fearless) high-profile forensic
accountant’, The Value Examiner, September/October.
Department of Justice (US) 2008, ‘Siemens AG and three subsidiaries plead guilty to Foreign
Corrupt Practices Act violations and agree to pay $450 million in combined criminal fines’,
accessed August 2015, http://www.justice.gov/opa/pr/2008/December/08-crm-1105.html.
Ernst & Young 2014, Overcoming Compliance Fatigue—13th Global Fraud Survey,
accessed August 2015, http://www.ey.com/Publication/vwLUAssets/Overcoming_compliance_
fatigue/$FILE/13th%20GLOBAL%20FRAUD%20SURVEY%20FINAL%20low%20res.pdf.
Madinger, J. 2012, Money Laundering: A Guide for Criminal Investigators, 3rd edn, CRC Press,
Boca Raton, Florida.
Organisation for Economic Cooperation and Development (OECD) 2011, Convention on

MODULE 3
Combating Bribery of Foreign Public Officials in International Business Transactions, accessed

July 2015, http://www.oecd.org/daf/anti-bribery/ConvCombatBribery_ENG.pdf.
Organisation for Economic Cooperation and Development (OECD) 2014, Convention on

Combating Bribery of Foreign Public Officials in International Business Transactions, ‘Ratification
Status as of 21 May 2014’, accessed November 2015, http://www.oecd.org/daf/anti-bribery/
WGBRatificationStatus.pdf.
Sainsbury, M. 2010, ‘Rio Tinto’s Stern Hu jailed for 10 years’, The Australian, accessed August
2015, http://www.theaustralian.com.au/business/mining-energy/rio-tintos-stern-hu-jailed-10-
years/story-e6frg9df-1225847088979.
Shields, A. 2009, ‘History of forensic accounting’, Dolman Bateman, 5 March, accessed August
2015, http://www.dolmanbateman.com.au/125/history-of-forensic-accounting.
Schneider, J. 2011 ‘Australia’s enforcement of bribery laws slack, executives say’, Businessweek,
23 November, accessed May 2013, http://www.businessweek.com/news/2011-11-23/australia-s-
enforcement-of-bribery-laws-slack-executives-say.html.
Standards Australia, AS 8001–2008 Fraud and Corruption Control, Standards Australia, Sydney.
Sutherland, E. H. 1949, White Collar Crime, Dryden Press, New York.
Transparency International 2015, Business Principles for Countering Bribery 2013, accessed
November 2015, http://www.transparency.org/whatwedo/tools/business_principles_for_
countering_bribery/1.
References | 275
United Nations 2004, United Nations Convention Against Corruption, accessed November 2015,
http://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08-50026_E.pdf.
U.S. Department of Justice 2015, ‘Foreign Corrupt Practices Act, An Overview’, accessed
November 2015, http://www.justice.gov/criminal-fraud/foreign-corrupt-practices-act.
U.S. Department of Justice and SEC 2012, A Resource Guide to the U.S. Foreign Corrupt Practices
Act, accessed November 2015, http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf.
U.S. Securities and Exchange Commission 2008, ‘SEC charges Siemens AG for engaging in
worldwide bribery’, accessed August 2015, https://www.sec.gov/news/press/2008/2008-294.htm.
Wells, J. T. 2013, Corporate Fraud Handbook—Prevention and Detection, 4th edn, John Wiley &
Sons, Hoboken, New Jersey.
World Bank & United Nations 2011, ‘Fact sheet on stolen asset recovery’, accessed August 2015,
http://www.unodc.org/pdf/Star_FactSheet.pdf.
Optional reading
Financial Action Task Force (FATF) 2012, FATF Recommendations: International Standards on
Combating Money Laundering and the Financing of Terrorism and Proliferation, Organization
for Economic Co-operation and Development, Paris.
Hoffman, R., Finney, W., Cox, P. & Cooper, K. 2013, The Accountant as an Expert Witness:
A Basic Guide to Forensic Accounting, 2nd edn, CCH Australia Ltd, Sydney.
MODULE 3
Taylor, J. 2011, Forensic Accounting, Prentice Hall Financial Times, New York.
MODULE 3

2016 CBI Study Guide - Module 3 - 16a

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2016 CBI Study Guide - Module 3 - 16a

Uploaded by

Copyright:

Available Formats

CPA PROGRAM

Edited and designed by DeakinPrime

ISBN 978 0 7300 0036 5

Suggested answers 263

An overview of forensic accounting

Figure 3.1: Elmer Irey and Frank Wilson

Forensic accounting roles

The roles occur at two distinct levels:

Table 3.1: Forensic accounting roles

Reactive • Negligent act • Interview of suspects/ • Data recovery

Proactive • Dispute avoidance • High level of risk • Data mining

Source: CPA Australia 2015.

APES 215 Forensic Accounting Services

See also the CPA Factsheet on APES 215 at: cpaaustralia.com.au/~/media/corporate/allfiles/

Defining business crime

The concept of fraud as a business crime

Example 3.1: Jurisdictional differences in criminal law

He proposes two fraud types:

He further proposes corruption as a separate concept to the two fraud types.

Figure 3.2: Joseph Wells’s fraud and corruption classification

Conflicts Illegal Economic Inventory Non-

Figure 3.3: Asset misappropriation

Of cash Refunds Asset req.

From the Write-off False sales

Billing Payroll Expense Check Register

Shell Ghost Mischaracterised Forged False

Non- Commission Overstated Forged False

The ‘fraud triangle’

Figure 3.4: The fraud triangle

• Natural perk of the job

• Gambling • Organisational culture (everybody does it)

• Lifestyle • Example set by senior people

• Greed • Perceived low pay

• Drugs • Organisation can afford it

• Financial pressure • Organisation overcharges customers

The main findings of the report (ACFE 2014) were:

Other estimates of fraud

In the remainder of this section, we examine seven categories of business crime:

Example 3.2: Clive Peeters Ltd

Justice Forrest said in sentencing:

Source: R v. Causer [2010] VSC 341, accessed October 2015,

Example 3.3: Chartwell Pty Ltd

Externally instigated fraud

Example 3.4: Redirection of funds to a bogus account

Financial statement fraud

Figure 3.5: Elements of financial statement fraud

Timing Timing Employment

Fictitious Fictitious Internal

Concealed Concealed External

Ernst & Young (2014) reported that:

Table 3.2: Financial statement fraud

Fraud type Definition

Timing differences Recording revenue or expenses in incorrect financial periods in

Fictitious revenues Recognition of sales of goods or services or other revenues that

Improper disclosures Failure to disclose relevant and material financial information or

Example 3.5: Enron

Example 3.6: Sigma Pharmaceuticals Ltd

Source: Adapted from ASIC 2015 ‘15-170MR

Bribery and corruption (local)

Businesses need to consider bribery and corruption at two levels:

The definition of corruption in AS 8001–2008 (para. 1.7.4) is:

Real-life examples of bribery and corruption include:

Example 3.7: Bribery in the manufacturing sector