Professional Documents
Culture Documents
2016 CBI Study Guide - Module 3 - 16a
2016 CBI Study Guide - Module 3 - 16a
CONTEMPORARY
BUSINESS ISSUES
MODULE 3
Version 16a
Published by Deakin University, Geelong, Victoria 3217 on behalf of CPA Australia Ltd,
ABN 64 008 392 452
First published July 2010, updated January 2011, July 2011, revised January 2012,
reprinted with amendments July 2012, revised January 2013, reprinted with amendments July 2013,
revised January 2014, reprinted July 2014, second edition January 2015, updated January 2016.
© 2010–2016 CPA Australia Ltd (ABN 64 008 392 452). All rights reserved. This material is owned or
licensed by CPA Australia and is protected under Australian and international law. Except for personal and
educational use in the CPA Program, this material may not be reproduced or used in any other manner
whatsoever without the express written permission of CPA Australia. All reproduction requests should be
made in writing and addressed to: Legal, CPA Australia, Level 20, 28 Freshwater Place, Southbank, VIC 3006
or legal@cpaaustralia.com.au.
This is an electronic version of the printed study material. Apart from any fair dealing (e.g. for the purposes
of private study) as permitted under the Copyright Act 1968 (Cwlth), no part of this material may be
copied, scanned, transmitted, distributed or reproduced in part or in whole without the permission of
CPA Australia Ltd.
Authors
Terence Brooks Manager of the Forensic Investigation Unit,
Professional Standards Command of Victoria Police
Courtney Clowes Director, KnowledgEquity
Keith De La Rue Independent Consultant, Speaker and Director, AcKnowledge Consulting
Dr Jane Hamilton Independent Consultant
Marina Kelman General Manager, Mergers and Acquisitions, National Australia Bank
Dr Hayat Khan Lecturer, La Trobe University
Dr Julie Margret Senior Lecturer, La Trobe University
Dean Newlan Consultant to McGrathNicol Forensic
Roger Simnett Professor, University of New South Wales
Dr Siri Terjesen Assistant Professor, Indiana University, USA
2016 updates
Terence Brooks Manager of the Forensic Investigation Unit,
Professional Standards Command of Victoria Police
Keith De La Rue Independent Consultant, Speaker and Director, AcKnowledge Consulting
Susan Jones Founder, Ready Set Startup and Lecturer in Entrepreneurship,
Swinburne University of Technology
Dr Hayat Khan Lecturer, La Trobe University
Dr Tehmina Khan Lecturer, RMIT University
Dr Rahat Munir Senior Lecturer, Macquarie University
Dean Newlan Consultant to McGrathNicol Forensic
Acknowledgments
George Apostolos Senior Forensic Accountant, ASIC
Betty Ferguson Consultant
Dr Dean Hanlon Senior Lecturer, Monash University
Professor Karen Jansen Senior lecturer, Australian National University
Tui McKeown Senior Lecturer in the Department of Management, Monash University.
Dr Áron Perényi Lecturer, Swinburne University of Technology
Advisory panel
Desley Ward CPA Australia
Dianne Harvey Latrobe University
Gavin Ord CPA Australia
John Purcell CPA Australia
Sarah Scoble CPA Australia
Stephen Zigomanis 72 Financial
Terence Brooks Victoria Police
CPA Program team
Kerry-Anne Hoad Alisa Stephens Sarah Scoble
Kristy Grady Yvette Absalom Belinda Zohrab-McConnell
Desley Ward Nicola Drury
Kellie Hamilton Elise Literski
Educational designer
Jan Williams DeakinPrime
Acknowledgment
All legislative material is reproduced by permission of the Office of Parliamentary Counsel, but is not the official or authorised version. It is
subject to Commonwealth of Australia copyright. The Copyright Act 1968 permits certain reproduction and publication of Commonwealth
legislation. In particular, s. 182A of the Act enables a complete copy to be made by or on behalf of a particular person. For reproduction
or publication beyond that permission by the Act, permission should be sought.
These subject materials have been designed and prepared for the purpose of individual study and should not be used as a substitute for
professional advice. The materials are not, and are not intended to be, professional advice. The materials may be updated and amended
from time to time. Care has been taken in compiling these materials but may not reflect the most recent developments and have been
compiled to give a general overview only. CPA Australia Ltd and Deakin University and the author(s) of the material expressly exclude
themselves from any contractual, tortious or any other form of liability on whatever basis to any person, whether a participant in this subject
or not, for any loss or damage sustained or for any consequence which may be thought to arise either directly or indirectly from reliance
on statements made in these materials.
Any opinions expressed in the study materials are those of the author(s) and not necessarily those of their affiliated organisations,
CPA Australia Ltd or its members.
Extracts used from International Accounting Standards are Copyright © International Accounting Standards Committee Foundation.
CONTEMPORARY BUSINESS ISSUES
Module 3
BUSINESS CRIME: INVESTIGATION,
DETECTION AND PREVENTION
TERRY BROOKS AND DEAN NEWLAN
198 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Contents
Preview 199
Introduction
Objectives
Teaching materials
An overview of forensic accounting 200
Emergence of forensic accounting as a separate discipline
Forensic accounting roles
APES 215 Forensic Accounting Services
Summary
Business crime 204
Defining business crime
Workplace fraud
Externally instigated fraud
Financial statement fraud
Bribery and corruption (local)
Bribery and corruption (international)
Money laundering
Insider trading
Summary
The forensic accountant’s role in investigating business crime 224
Overview
Conducting a business crime investigation
Phase 1: Briefing
Phase 2: Planning and resourcing
Phase 3: Building a profile of the ‘person/s of interest’
Phase 4: Gathering and securing evidence
Phase 5: Analysing evidence
MODULE 3
Phase 6: Reporting
Diagrammatic representation of investigative evidence
Summary
Detecting business crime 245
Overview
Recognising typical symptoms of fraud
The use of financial statement analysis and other analytical methods
Using information technology tools (data analytics)
Summary
Preventing business crime 251
The Australian standard for fraud and corruption control
Principles of fraud prevention
Assessing fraud and corruption risk
The importance of a robust internal control environment
Fraud and corruption control planning
Specific anti-bribery and corruption (‘ABC’) measures
Summary
Review 261
References 273
Optional reading
Study guide | 199
Module 3:
Business crime:
Investigation, detection
and prevention
Study guide
MODULE 3
Preview
Introduction
Businesses face an increasing level of threat from fraud (both by employees and external parties),
corruption and a range of other business crimes. A recent survey, Overcoming Compliance
Fatigue—13th Global Fraud Survey (Ernst & Young 2014), benchmarks business crime trends
across 59 countries through interviews with 2700 business executives. The survey identified not
only fraud in significant volumes but also cybercrime, bribery, corruption and a range of other
illegal and unethical behaviours.
Against this background, there is a growing demand for skilled accountants who are able to
assist victims in the investigation of crimes against their organisations and who can support
law enforcement agencies in the investigation and prosecution of business crime offenders.
The service they provide is a major component of what has become known as ‘forensic
accounting’, a term that has gained increasing acceptance and recognition within the
business community since the early 1990s.
While the loss of stolen property (whether money or other tangible assets) is relatively easy
to quantify once the crime has been detected, the financial impact of many other types
of business crimes is not so easily quantified. The total cost of business crime is therefore
largely hidden. While we can estimate losses due to fraud (from fraud cases actually
detected), we cannot know the full financial effect of sabotage, intellectual property (IP) theft,
unauthorised system access, corruption, insider trading, money laundering, tax evasion,
misuse of position and so on. In some cases, the victim organisation may not even be aware
that it has been the target of a business crime and, indeed, losses are difficult to assess even
when a crime of this nature has been detected.
200 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
In this module, we will discuss a selection of the more commonly encountered business crimes
and, in particular, the various forms of fraud and corruption against business, government
agencies and the not-for-profit sector. The module covers planning and executing a business
crime investigation, preparing a forensic accounting report and how such a report may be
presented in court in ways that make clear the outcome of the work that has been done.
Reference is made to APES 215 Forensic Accounting Services, a standard issued by the
Accounting Professional & Ethical Standards Board (APESB).
There is also discussion on the increasingly important area of ‘forensic technology’. While this
specialist activity is likely to be beyond the skills and technical capability of many forensic
accountants, the discussion is included on the basis that there is an increasing number of
cases where digital evidence is critical to the success of a business crime investigation. It is
important for the forensic accountant to be able to communicate effectively with the forensic
technology specialist in order that they can jointly maximise the evidentiary value of electronically
stored information.
Finally, the module addresses how business crime is detected and how it can be prevented.
Reference is made to the Australian Standard AS 8001–2008 Fraud and Corruption Control,
an important source of guidance in the control of fraud and corruption.
Objectives
On completing this module you should be able to:
• explain the concept of ‘forensic accounting’;
• discuss the role of the forensic accountant in investigating, detecting and preventing
MODULE 3
business crime;
• discuss the fundamental principles of fraud detection;
• describe and contrast a range of categories of business crime;
• describe the methods commonly used in financial statement fraud;
• describe the regulatory environment in which forensic accountants operate; and
• discuss the principles of risk management and apply those principles to the management
of business crime risk.
Teaching materials
• Relevant professional guidance
APES 215 Forensic Accounting Services
AS 8001–2008 Fraud and Corruption Control
Fast-forwarding to the 19th century, the relationship between the accounting discipline and the
legal profession was established as a necessary outcome of more complex business interactions.
Moving into the 20th century, forensic accounting became more prominent when accountants
started acting as expert financial witnesses in legal proceedings.
Study guide | 201
Perhaps the most famous early example of forensic accounting is that of Elmer Irey, an accountant
with the US Internal Revenue Service, who in the 1930s worked behind the scenes to secure a
conviction against the gangster Al Capone for tax evasion (Shields 2009). Irey was head of the
Special Intelligence Unit at the Treasury Department and assigned one of his special agents,
Frank Wilson, to investigate Capone for tax evasion. This was a formidable task as Capone had
never submitted an income tax return and did not have a bank account. Capone lived opulently,
but did not own property in his name and transacted all his business affairs in cash. He was,
apparently, a difficult man to bring to justice.
MODULE 3
Sources: Library of Congress 2015, ‘Elmer L. Irey, Chief, [Intelligence] Unit, Bureau of Internal Revenue,
9/15/39’, accessed July 2015, http://www.loc.gov/pictures/item/hec2009013966. Library of Congress,
Prints and Photographs Division, photograph by Harris & Ewing, reproduction number: LC-DIG-hec-27268.
Library of Congress 2015, ‘Bosses, U.S. Secret Service, Washington, DC, June 11. A new informal picture of
Frank J. Wilson, Chief of the United States Secret Service, made in his office at the Treasury Department’,
accessed July 2015, http://www.loc.gov/pictures/item/hec2009015485. Library of Congress, Prints and
Photographs Division, photograph by Harris & Ewing, reproduction number: LC-DIG-hec-28788.
The success of this task led to the US Internal Revenue Service recognising the need for and
indeed the value of having investigators trained in financial investigation. To this end, this agency
has produced a number of handbooks and manuals designed specifically to build skills in
financial investigations.
The term ‘forensic accountant’ was reportedly first used by Maurice E. Peloubet in 1946,
although others have claimed the accolade. Max Lourie in 1953 and Robert Lindquist in 1986
declared they invented the term, and G. Kessler later claimed to be the first forensic auditor
(Crumbley & Apostolou 2007).
There is an ever-increasing demand for full-time and part-time forensic accounting practitioners
to perform a variety of tasks. One of the increasingly important roles of forensic accountants is
the investigation of business crime and this is the main focus of this module.
Business crime
Dispute advisory investigation Forensic technology
Forensic accountants play a key role in identifying and investigating business crime. In the
typical case, they may be engaged by a business crime victim to locate, collate and analyse
evidence, identify perpetrators, prepare evidence for use in legal proceedings, quantify the loss
suffered and give expert testimony on what they have found. Increasingly, forensic accountants
MODULE 3
are engaged by clients to conduct an investigation that many would assume to be the role of
the police or other law enforcement agency. This will mean that they will be required not only
to analyse financial evidence provided to them at the commencement of their work, but also to
actually go out and gather the evidence on behalf of their client.
It is an unfortunate fact that the pervasiveness of business crime and the continuing increases in
other complex criminal activity demand more and more resources of law enforcement agencies.
Law enforcement no longer has the capability to investigate every business crime reported to
them as it once did. This will mean increasing opportunities for forensic accountants who will,
in effect, be engaged to step in and do a job once delivered by the state—the investigation
of criminal conduct within business. Ultimately, the prosecution, if there is to be a prosecution,
will be pursued by the state but it will be based largely on the work of forensic accountants who
are engaged and paid by the victim.
Forensic accountants can also be employed by law enforcement and other government agencies
to assist in investigations, particularly with a view to presenting a case in the criminal jurisdiction.
They can also be used for matters in civil proceedings. In Australia, the Australian Federal Police,
the state police services, ASIC, the Australian Taxation Office, the various anti-corruption bodies
around the country and a range of other regulators all have teams of forensic accountants who
provide a vital service in linking complex financial evidence to the conduct of business criminals.
Study guide | 203
Since that time there has been a number of revisions to APES 215, the most recent resulting
in the reissue of the standard in December 2013 with effect from 1 April 2014. The revisions to
APES 215 have been made to increase clarity and provide additional guidance for practitioners
to enable them to make decisions on such things as the type of forensic service they are
intending to provide and the difference between facts, assumptions and opinions.
Compliance with APES 215 is mandatory for members of CPA Australia when carrying out
forensic accounting assignments.
APES 215 covers the fundamental responsibilities of members. These responsibilities include:
• observance of the public interest obligations;
• professional independence;
• professional competence and due care; and
• confidentiality.
APES 215 also sets out rules to be observed in the provision of four defined types of forensic
service, as well as guidance on changes of opinion, quality control and the basis for charging fees.
APES 215 can perhaps be best described as setting out guidance on matters of conduct and
MODULE 3
professional behaviour along with a range of specific rules to be applied in terms of the format
and content of reports prepared.
When reading APES 215, remember that the mandatory requirements are shown in bold black
lettering.
Failure to observe these requirements can lead to disciplinary proceedings against members of
the accounting bodies bound by this standard. In addition, where the forensic accountant has not
prepared a report in accordance with APES 215, the validity of the report could be undermined,
which may then render the report inadmissible in court proceedings. Finally, APES 215 explicitly
states, under section 5.4:
5.4 A Member who is acting as an Expert Witness shall comply with the following:
(a) The paramount duty to the Court which overrides any duty to the Client or Employer;
(b) A duty to assist the Court on matters relevant to the Member’s area of expertise in
an objective and unbiased manner;
(c) A duty not to be an advocate for a party; and
(d) A duty to make it clear to the Court when a particular question or issue falls outside the
member’s expertise.
You should read APES 215 including the appendices, noting both the rules on behaviour and duties
as well as the guidance on content of forensic accounting reports. APES 215 is available at:
http://www.apesb.org.au/uploads/standards/apesb_standards/13092014103232p1.pdf.
Summary
Forensic accounting is now well established as a separate discipline within the range of services
offered by accounting practitioners. Tertiary education in forensic accounting is increasingly
offered by universities and colleges while a growing number of second tier and boutique
accounting firms, in addition to the ‘Big 4’, now have specialist forensic divisions that are
capable of carrying out complex business crime investigations.
Increasingly, forensic accountants are being engaged to fulfil the role previously carried out
by the police or other law enforcement agencies. This work is sometimes necessarily funded
by the victims because the police and other law enforcement agencies have limited financial
capacity to engage external resources.
APES 215 has been issued to assist practitioners when undertaking forensic accounting
engagements. An important aspect of our discussion is that one does not need the label
‘forensic accounting specialist’ to be bound by the provisions of APES 215—any accountant
who is member of a professional body that has adopted this standard (including CPA Australia),
and who is delivering any of the services described in APES 215, is subject to that standard and
must comply with its requirements.
In the next section, the concept of ‘business crime’ is discussed along with the impact it has on
victim organisations.
Business crime
MODULE 3
Sutherland contrasted the concept of ‘white-collar crime’ with ‘blue-collar crime’, which he
regarded, in essence, as the ‘crime of the streets’. Sutherland’s assumption was that working
class people, or ‘blue-collar’ workers, would not have access to business and business
systems through employment and, therefore, would not be in a situation where they could
commit ‘white‑collar crime’. This assumption is no longer valid. In the current age, we know
‘blue‑collar’ workers can and do commit what Sutherland previously thought of as exclusively
‘white‑collar’ crime.
Sutherland’s definition of white-collar crime is broad and would include fraud, bribery and
corruption, insider trading, money laundering, tax evasion and other activities covered in
this module.
There is no scholarly definition of ‘business crime’, but ‘business crime’ and Sutherland’s definition
of ‘white-collar crime’ are considered equivalents and are often used interchangeably.
Study guide | 205
For the purposes of this module, business crime can be taken to include:
• theft of an organisation’s assets by an outsider or insider;
• fraudulent claims (insurance, social welfare, grant funding fraud);
• false financial reporting within an organisation;
• false financial reporting to an external party in order to gain an advantage (e.g. to a bank
or other financial institution);
• extortion (making an unwarranted demand for payment under threat);
• damage to an organisation’s property by a competitor in order to disrupt business operations;
• a ‘denial of service’ attack on a business’ website;
• theft of intellectual property belonging to a business;
• unauthorised access to computer systems in order to steal or access intellectual property
or other confidential information;
• corruption of the procurement process;
• taxation crime (income tax evasion and GST fraud);
• fraudulent investment schemes (including ‘Ponzi’ schemes);
• insider trading—taking unfair advantage of information known to the perpetrator but not
known to the market generally; and
• other misuse of position for personal gain.
These activities cost the global business community, governments and the not-for-profit sector
billions of dollars every year. In many instances, not only will the victim entity take civil or other
action to attempt to recover losses arising from business crime, the business crimes set out
above can also result in criminal action against the perpetrators.
Note that crimes listed here involving computing and websites are explained in Module 5;
intellectual property is also further discussed in Module 5.
MODULE 3
There can also be administrative and regulatory consequences for organisations, their directors
and executives for failing to establish robust business crime prevention systems and cultures.
In recent years, corporations, in addition to people within the corporations who initiated
criminal behaviours, have been charged and convicted of criminal offences. In some jurisdictions,
there are legal ramifications for directors and senior executives who condone or tolerate a
culture that creates the preconditions for illegal behaviours.
‘Fraud’, as a legal concept, is not usually found in legislation. It is a generic term used to
describe various criminal behaviours such as:
• theft;
• stealing;
• larceny;
• false pretences;
• obtaining property by deception;
• obtaining a financial advantage by deception;
• making or using a false document; and
• false accounting.
It is noteworthy also that the criminal law varies widely between the Australian states/territories
and federally.
• In Victoria, the procurement manager would be charged with ‘Theft’ under the Crimes Act 1958 (Vic);
• In New South Wales the procurement manager would be charged with ‘Larceny as a Clerk or
Servant’ under the Crimes Act 1900 (NSW);
• In Queensland the procurement manager would be charged with ‘Stealing as a Clerk or Servant’
under the Criminal Code Act 1899 (Qld); and
• If the procurement manager were employed by a Commonwealth entity, the procurement manager
would be charged with ‘Theft’ under the Criminal Code Act 1995 (Cwlth).
MODULE 3
Also, business crime offences in each state/territory and federally sometimes require quite different
‘elements of proof’ (i.e. the matters that need to be proved to the court in order to convict the accused).
The forensic accountant assisting the police or other law enforcement agency in the investigation
of a business crime therefore needs to be mindful of the criminal jurisdiction objectives of the
investigation and be able to communicate effectively with the law enforcement agency that has
ultimate responsibility for the matter.
A useful classification system for fraud and corruption was developed by Joseph T. Wells and
is included in his book Corporate Fraud Handbook—Prevention and Detection (Wells 2013).
Wells’s classification is divided into the three major components of fraud and corruption as
shown in Figure 3.2.
Asset Fraudulent
Corruption
misappropriation statements
Source: Adapted from Wells, J. T. 2013, Corporate Fraud Handbook—Prevention and Detection,
4th edn, Wiley & Sons, Hoboken, New Jersey, p. 1.
Wells (2013) then provides a further breakdown of these three major categories. These more
detailed subclassifications provide a summary of specific transactions or conduct that are
included in each major category. Figure 3.3 shows Wells’s breakdown of ‘asset misappropriation’
as a fraud type showing its various subcategories.
Asset
misappropriation
Inventory and
Cash
all other assets
MODULE 3
Fraudulent
Larceny Skimming Misuse Larceny
disbursements
Lapping Purchasing
Other Understated
schemes & receiving
Unconcealed
Unconcealed
larceny
Authorised
maker
Source: Republished with permission of Wiley & Sons, from; Corporate fraud handbook:
prevention and detection by Wells, Joseph T. 4th ed. 2013, Wiley & Sons, Hoboken, New Jersey, p. 1.
Permission conveyed through Copyright Clearance Center, Inc.
208 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
An equivalent breakdown for ‘fraudulent statements’ as a fraud type detailing its subcategories
is given later in this module.
Given the proportion of fraud that is committed by people internal to a business, it is worth
considering the sociological/criminological factors in internally instigated fraud.
In the early 1950s, the ‘fraud triangle’ was developed by Dr Donald Cressey in the United States
as a way of explaining why workplace fraud was on the increase. His initial work was based on
interviews with 133 prisoners who were prepared to admit their involvement in workplace fraud
(known then as ‘embezzlement’).
Cressey (1973) proposed three key factors that must be present, all at the same time, in order for
an employee of a business to commit fraud against their employer:
1. perceived pressure;
2. rationalisation; and
3. perceived opportunity.
Figure 3.4 is a summary of these factors and the elements comprising each factor.
MODULE 3
Ra
tio
na
tio
• Minimal deterrents
Perceived opportunity
• Internal control
• Poor culture
• Technology
• Remote access
Source: Cressey, D. 1973, Other People’s Money, Patterson-Smith, Montclair, New Jersey, p. 30.
Study guide | 209
For example, someone employed in a lowly paid position in a highly profitable business may
experience an inclination to commit fraud in accordance with the following hypothetical scenario:
• Perceived pressure: the person may have a strong desire to achieve a lifestyle standard that
may have been lost or otherwise denied to them but which they perceive is enjoyed by their
peer group.
• Perceived opportunity: the person has control over or access to assets owned by their
employer (cash, property) and has the knowledge and ability to circumvent internal controls
designed to prevent or defeat fraud.
• Rationalisation: the perpetrator may be able to convince themselves that the amount of
funds fraudulently taken was not material to the business and won’t be missed; indeed,
there ‑is a culture of petty theft within the organisation.
Cressey concluded:
Trusted persons become trust violators when they conceive of themselves as having a financial
problem that is non-shareable, are aware that this problem can be secretly resolved by violation
of the position of financial trust, and are able to apply to their own conduct in that situation
verbalizations which enable them to adjust their conceptions of themselves as trusted persons with
their conceptions of themselves as users of the entrusted funds or property (Cressey 1973, p. 30).
Report to the Nations on Occupational Fraud and Abuse—2014 Global Fraud Study
(Association of Certified Fraud Examiners)
The Association of Certified Fraud Examiners’ (ACFE) Report to the Nations on Occupational
Fraud and Abuse—2014 Global Fraud Study (ACFE 2014) provides a useful overview of the extent
and types of fraud in 103 countries. The report is based on case data provided by ACFE members
(referred to as ‘CFEs’) who actually investigated the reported fraud incidents during the period
MODULE 3
1 January 2012 to 31 December 2013. It is an authoritative report looking at the international
incidence, factors and types of fraud.
➤➤Question 3.1
Review the ACFE’s (2014) report (http://www.acfe.com/rttn/docs/2014-report-to-nations.pdf)
and make brief notes in relation to the following questions. (Note: See the suggested figures in
the report for each question.)
(a) What is the effect on the loss ultimately suffered by the victim organisation of failing to
detect fraud early? (Figure 9)
(b) What proportion of detected frauds are detected by the external audit process? (Figure 11)
(c) What are the three most common means of fraud detection in your region? (Figure 16)
(d) What sectors suffered the highest rates of fraud? (Figure 22)
(e) What are the most common fraud types in your sector? (Figure 24)
(f) What initiatives do organisations rely on to prevent fraud? (Figure 26)
(g) How would you describe the ‘typical fraudster’? (Figures 40–76)
(h) What role does gender play in workplace fraud? (Figures 57–62 and 74)
You can also access an archive of the ‘Report to the Nations’ to gain a historical view of how fraud has
changed since 1996 (see: http://www.acfe.com/rttn-archive.aspx).
AUD 1.4 billion. It estimated that 1.2 million Australians aged 15 years and over were a victim
of at least one incident of personal fraud in the 12 months prior to interview (ABS 2012).
• The Australian Crime Commission ‘conservatively’ estimates the extent of serious and
organised crime in Australia to be AUD 15 billion annually (ACC 2013).
• The Australian Institute of Criminology reported the annual reporting rate of fraud cases to
the Australian police services in 2011–12 at 430 cases per 100 000 people (AIC 2014).
• In 2009–10, there were 702 941 cases of ‘external’ fraud against the Commonwealth (such as
welfare fraud, tax fraud) involving a loss of more than $495 million (AIC 2014).
• Australian payment cards and cheque fraud collectively increased from 15.0 cents per $1000
in 2012 to 16.9 cents per $1000 in 2013. This included an increase in payment card fraud from
43.6 cents to 48.7 cents in every $1000 transacted in 2013, which represents a total annual
fraud rate of $304 million (APCA 2014).
➤➤Question 3.2
Please access the Australian Institute of Criminology report, Australian Crime: Facts &
Figures: 2013 (AIC 2014), available online at: http://aic.gov.au/publications/current%20series/
facts/1-20/2013.html.
Go to the section ‘Fraud and deception-related crime’ in Chapter 2 (located after Figure 27).
(a) Review Table 5. Has the reported rate of fraud been increasing or decreasing in the last
10 years?
(b) What factors do you think might be effecting a change in reporting rates?
(c) What proportion of detected fraud cases are reported to the police?
Study guide | 211
Workplace fraud
Workplace fraud can involve a range of activities, from small-scale theft of inventory to the
fraudulent misappropriation of many millions of dollars in a complex lending fraud within a
major bank. The increased reliance on computerisation, a reduced emphasis on internal controls,
a more mobile and better-educated workforce and the involvement of organised crime in fraud
have all contributed to increased incidence of workplace fraud.
Every workplace fraud will involve a person closely associated with the business whether they
are acting alone, colluding with a colleague or colluding with an external party. Their position
as a trusted agent of the business provides insiders with opportunities that are not available to
external parties.
As a result, for businesses in most sectors, internal fraud is more common than external fraud.
The major exception to this is the financial services sector (banks and other lenders, insurers and
superannuation funds) where fraud by people external to the business represents a relatively
higher proportion of total fraud incidents than internally instigated fraud.
MODULE 3
The following are examples of workplace fraud:
• False invoicing—creating a false invoice for goods or services not provided, for example
creating a fictitious vendor or using the details of a genuine vendor to the business.
• Payroll fraud—processing payroll for an employee who was never employed by the business
or who was employed but who has since left the business.
• Online banking fraud—manipulating account numbers and redirecting funds to a bank
account controlled by an employee.
• Fraudulently claiming expenditure not incurred for the benefit of the business.
• Purchasing assets in the name of the company but intended for personal use.
• Diversion of sales to another business in which the employee holds an interest.
• Manipulating management reporting to secure a performance bonus.
• Redirecting grant funding intended for the perpetrator’s employer.
• Accounts receivable fraud—diverting receipts to an account controlled by the perpetrator
with subsequent writing off of the receivable.
• Theft of cash received during the course of business and covering the shortfall for a period
of time with subsequent receipts.
212 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
In order to transfer funds to herself, she prepared an online banking report that made it appear that
the payments had been ‘locked down’ (and therefore were not capable of further amendment) before
seeking authorisation from another member of staff. Once she had this authorisation, she would get
back into the online banking system and change the destination bank account to one of a number
of accounts controlled by her. To cover her tracks, she covertly processed journal entries to move the
debit value around the general ledger.
Causer was able to steal more than AUD 19 million, which she invested in real estate. She pleaded guilty
in the Supreme Court to 24 counts of theft and was sentenced to a non-parole period of five years.
The promoters of Chartwell perpetrated Australia’s biggest ever ‘Ponzi’ fraud in 2007–08 that resulted
in investors losing more than AUD 65 million. Many of the victims lost their life savings. In 2011,
the promoter of the fraud pleaded guilty to 34 charges in the Supreme Court.
The promoter (Graeme Hoy) and another Chartwell executive (Ian Rau) also admitted carrying on
an unlicensed financial services business, engaging in dishonest conduct and dishonestly using a
director’s position to gain an advantage. Justice Forrest in sentencing Hoy noted that ‘98 per cent of
funds received by Chartwell were simply stolen from investors’.
Only AUD 429 000 was ever invested. Justice Forrest said the scale of Hoy’s offending was ‘breath-
taking’. Hoy was sentenced to 13 years and nine months jail for his crimes and Rau two years and
nine months’ jail.
Sources: R v. Hoy [2011] VSC 95 (23 March 2011), accessed October 2015,
http://www.austlii.edu.au/au/cases/vic/VSC/2011/95.html.
R v. Rau [2010] VSC 370 (19 August 2010), accessed October 2015,
http://www.austlii.edu.au/au/cases/vic/VSC/2010/370.html.
Study guide | 213
No inquiry as to the bona fides of these instructions (i.e. whether they were genuine) were made and
the next time a payment was made, nearly AUD 5 million was transferred to the bogus bank account.
MODULE 3
The genuine service provider inquired with the customer as to why the payment had not been received
and the fraud was discovered. When the fraud was discovered, inquiries with the bank revealed that a
false account had been established by an organised crime gang using information gained from inside
the service provider. The service provider was able to freeze the false account but not before around
AUD 200 000 had already been transferred to another account out of reach of the service provider.
Police were called in but were unable to locate the offenders.
Wells’s (2013) fraud classification breaks financial statement fraud into five subcategories
(in effect there are five methods of financial statement fraud):
1. timing differences;
2. fictitious revenues;
3. concealed liabilities and expenses;
4. improper disclosures; and
5. improper asset valuation.
214 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
These five elements of financial statement fraud are set out in Figure 3.5.
Fraudulent
statements
Financial Non-financial
Overstatement Understatement
of assets/ of assets/
revenue revenue
Improper Improper
disclosures disclosures
Improper Improper
asset valuation asset valuation
MODULE 3
Source: Adapted from Wells, J. T. 2013, Corporate Fraud Handbook—Prevention and Detection,
4th edn, Wiley & Sons, Hoboken, New Jersey, p. 341.
The motivation behind someone wishing to overstate assets or revenue of a business is self-evident
(if intentional and not by mistake) but the concept of deliberately understating assets or revenue
may be harder to understand. There are a number of scenarios in which people may wish to
portray financial performance as less than it actually was, for example, to ensure that revenue
or profitability targets are not exceeded (thereby ensuring reduced budget pressure for the
following financial year) and to reduce taxable income.
Table 3.2 is a brief summary of each type of financial statement fraud proposed by Wells (2013).
It also provides some examples and an overview of the warning signs for each type.
Study guide | 215
Concealed liabilities/expenditure Failing to record expenses incurred by the entity or liabilities owed
by the entity (as distinct from timing differences where the expense
will be recorded in another period).
Improper asset valuation Overvaluing an asset to improve the financial position of the entity.
Source: Adapted from Wells, J. T. 2013, Corporate Fraud Handbook—Prevention and Detection,
4th edn, Wiley & Sons, Hoboken, New Jersey.
MODULE 3
Enron began its corporate life as a small oil and gas pipeline company in the United States in 1985.
It expanded into brokering and trading electricity and other energy commodities. It then began
aggressive and complex dealings in interest rate margins and manipulating energy prices.
By October 2001, the company was in deep financial trouble, which the company’s executives attempted
to conceal by a complex web of financial statement manipulation, illegal off-balance-sheet transactions
and sham partnerships. By the time investors, employees and the public learned of the company’s
crisis, the downward spiral was unstoppable.
In August 2001, former Vice-President for Corporate Development, Sherron Watkins, warned Enron’s
CEO of impending financial problems based on ‘a wave of accounting scandals’. Two months later,
in October 2001, Enron officials announced that the company was actually worth USD 1.2 billion less
than had previously been reported. The difference was due to USD 586 million in overstated income
and the failure to include all the company’s debts in financial reports.
In December 2001, Enron filed for bankruptcy amid a barrage of questions and accusations. Both Enron’s
top managers and its auditor, Arthur Andersen LLP, came under extreme scrutiny.
A number of top Enron executives were convicted of fraud. In addition to Enron employees,
Arthur Andersen was convicted of obstructing justice; however, the decision was overturned on appeal.
You can read more about the Enron case at: http://finance.laws.com/enron-scandal-summary.
216 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
The falsifications involved overstating income and inventory values with a consequent overstatement
of profitability. Both also acknowledged that they had misled the company’s auditors.
The court heard that the executives caused Sigma to purchase wholesale pharmaceutical drugs at
inflated prices with part of the price paid being returned to Sigma and recorded as revenue. The effect
of this was an overstatement of reported income by AUD 15.5 million for the year to 30 September 2010.
Financial statement fraud is also covered in detail in the Advanced Audit and Assurance subject
in the CPA Program.
Bribery is the giving or offering of a bribe (and the acceptance or solicitation of a bribe) with
a view to gaining some sort of advantage. An example of bribery is the payment of money
or provision of other services free of charge to a person with the power to make a decision
in relation to a purchase of goods and services in order to win the contract to provide those
goods or services.
Bribery and corruption involves a ‘kickback’ to another person in the context of a current or
possible future business transaction. Its effect is to remove some or all of the ‘competitive
tension’ from a business transaction. This often results in the customer or client paying more
than they otherwise might have for the goods or services. Often, the bribe paid is funded by
the increased price for the supply of goods or services with the effect that the employer of
the bribe receiver actually funds the bribe payments.
Study guide | 217
On several occasions over a three-year period, the procurement manager awarded minor one-off
construction and maintenance work to the same maintenance provider to a total value of around
MODULE 3
NZD 2.5 million. In each case the provider submitted the lowest quotation. The procurement manager
therefore awarded the work to the same contractor on each occasion as it provided the best value
for money.
Investigations uncovered email exchanges between the procurement manager and the principal of
the provider which indicated that the procurement manager routinely indicated the ‘price to beat’
after the other quotations had been received. It was later found that the provider had undertaken a
number of construction projects, free of charge, at a rural property owned by the procurement manager,
including construction of a farm shed and concreting.
Inquiries with other providers who had submitted quotations to the manufacturer revealed that they
would no longer submit quotations as they had heard rumours that one contractor was receiving
favoured treatment.
The procurement manager was dismissed and the maintenance provider was removed from the
company’s approved list of suppliers.
218 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
‘Operation Fitzroy’ was one such case. The Independent Broad-based Anti-corruption Commission
(IBAC) conducted an investigation into alleged corruption within the Victorian Department of Transport
between 2006 and 2013. The investigation and public hearings conducted in late 2014 resulted in nine
people being charged with more than 100 ‘alleged offences’ including:
• conspiracy to cheat and defraud;
• obtaining financial advantage by deception;
• misconduct in public office;
• giving and receiving secret commissions; and
• furnishing false information.
The defendants attended court in July 2015 and their case is due to proceed as a ‘complex fraud
committal’.
Source: Adapted from IBAC 2015, ‘IBAC charges nine over alleged transport corruption’,
accessed July 2015, http://www.ibac.vic.gov.au/news-and-features/article/ibac-charges-nine-over-
alleged-transport-corruption. IBAC 2014, ‘Operation Fitzroy’, accessed September 2015,
http://www.parliament.vic.gov.au/file_uploads/WEB_PDF_-_Operation_Fitzroy_special_
report_-_20141027_C6KR27wt.pdf. Australian Broadcasting Commission 2015, ABC News,
‘IBAC probe: Nine men charged over alleged Public Transport Victoria fraud ring granted bail’,
accessed November 2015, http://www.abc.net.au/news/2015-07-06/nine-men-bailed-over-alleged-
public-transport-fraud-ring-by-ibac/6598014.
MODULE 3
In 1990, the United Nations (UN) placed a trade and financial embargo on Iraq after it invaded Kuwait.
The sanctions were intended to stop military escalation in Iraq by weakening the Iraqi economy.
The action was successful, but led to immense food shortages and a humanitarian crisis throughout
the country. In 1995, the UN responded with the Oil-for-Food Programme that permitted Iraq to
sell oil for humanitarian supplies (food, medicine and other such necessities). Seemingly, from 1999,
bribery and extortion were widespread throughout Iraq.
The AWB contravened the UN Oil-for-Food Programme. By 2005, it was discovered that the AWB
had paid kickbacks in excess of USD 220 million to the Iraqi regime for increasingly beneficial wheat
contracts. At the end of the UN Oil-for-Food Programme, several subsequent investigations determined
that the Iraqi regime had obtained in excess of USD 1.7 billion from numerous companies in different
countries through fraudulent activities such as kickbacks and inflated charges on various transactions,
including transportation fees. In addition, USD 10.9 billion was gained through illegal oil smuggling.
Hu was convicted of receiving kickbacks from private China-based steel mills in exchange for providing
MODULE 3
access to iron ore at better prices than they could get from Chinese suppliers. He pleaded guilty to
the bribery charges. He was also convicted of stealing Chinese ‘state secrets’ (though these would
not have been considered state secrets in Australia).
Source: Adapted from Sainsbury, M. 2010, ‘Rio Tinto’s Stern Hu jailed for 10 years’, The Australian,
accessed November 2015, http://www.theaustralian.com.au/business/mining-energy/
rio-tintos-stern-hu-jailed-10-years/story-e6frg9df-1225847088979.
Rio Tinto’s experience underscores the risks involved in doing business in other jurisdictions,
and the need to understand the legal environment in which business is conducted.
Firms operating in jurisdictions outside their home country should develop internal controls to
reduce their risks. Critical internal controls include making sure that there is access to accurate
local legal advice wherever the business operates. A business operating overseas should
work with its local legal advisers to understand what business practices may be illegal in the
jurisdiction. Company managers who are transferred to a new national environment should also
be made aware of the local legal environment.
220 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Siemens was ordered to repay USD 350 million to settle the US Securities and Exchange Commission’s
(SEC’s) charges and a USD 450 million fine to the US Department of Justice to settle criminal charges.
Siemens made thousands of payments to third parties in ways that obscured the purpose for, and the
ultimate recipients of, the money. Employees of Siemens obtained large amounts of cash from cash
desks (i.e. internal counters to distribute cash for this purpose), and the cash was sometimes transported
in suitcases across international borders for the purposes of bribery.
Example 3.12: S
ecurency International Pty Ltd and
Note Printing Australia
Highly embarrassing allegations of bribery of foreign officials were made in 2009 in relation to the
conduct of Securency and Note Printing Australia (NPA) subsidiaries of the Reserve Bank of Australia.
Employees of Securency and NPA engaged agents in Nepal, Malaysia, Indonesia, Vietnam and Nigeria
in connection with the sale or proposed sale of ‘substrate’, the plasticised material used in polymer
banknote printing.
To date, nine individuals have been charged with a range of offences including breaches of the foreign
bribery provisions of the Criminal Code Act and falsifying company records to conceal illegal payments.
In addition to the nine personnel who were charged, in an unusual twist, both Securency and NPA
were charged with criminal offences in connection with the payments.
In Australia, both Securency and NPA were convicted and fined for their involvement but so far only
one conviction has been entered in the cases brought against the employees of those companies.
David John Ellery, former company secretary and chief financial officer of Securency, pleaded guilty
to a charge of false accounting in relation to an AUD 79 502 payment and sentenced in the Victorian
Supreme Court in August 2012 to a period of imprisonment for six months wholly suspended for
two years.
An important issue in controlling foreign bribery is the focus many organisations have on their
compliance obligations. Many organisations operating globally have a complex range of foreign
bribery risk management obligations mandated by legislation such as the Foreign Corrupt
Practices Act (US) (FCPA), the Bribery Act (UK) and the Criminal Code Act (Australia). All of these
require organisations that are subject to their provisions to implement robust measures for the
control of foreign bribery.
But the related legislation and the regulatory guidance is very prescriptive. In the current
compliance-driven age, many organisations seem more concerned with compliance with
legislative requirements than they are about actually stopping foreign bribery. This has given
rise to transacting through local ‘agents’ on an ‘ask-no-questions’ basis at the same time as
having ‘suspicions’ (but not knowing) that expenses paid to these agents may be connected
with bribery of foreign officials. Complying with the foreign bribery provisions, or at least
being seen to comply with the foreign bribery provisions, appears to be the main focus of
many organisations rather than stamping out the behaviours.
➤➤Question 3.3
What do you think the role of the forensic accountant would be in investigating bribery and
corruption in cases like AWB, Rio Tinto, Siemens and Securency?
➤➤Question 3.4
What controls or other initiatives could a business implement to reduce the risk of its staff or
agents becoming involved in corruption?
MODULE 3
Money laundering
Money laundering is an attempt to conceal the source of money usually generated by illegal
or criminal activity. The aim of money laundering is to enable people with a beneficial interest
in the proceeds of crime to enjoy the benefits of their illegal activities while at the same time
satisfactorily accounting for the source of those funds. ‘Anti-money laundering’ involves
methods and measures that help prevent or minimise money laundering.
People involved in illegal or criminal activity attempt to ‘clean’ their ‘dirty’ money by getting
it into the financial system without detection or arousing suspicion. Money is thus ‘laundered’
using a lawful process so that it loses its link to its source and appears to be derived from
a legal source. Once the funds are in the financial system, they can be transferred between
different bank accounts or financial instruments, domestically or abroad, or used to buy
goods and services.
1. Placement
Bank accounts are typically established in the name of a legal business known as a ‘front’ for the purpose
of laundering money.
The illegal or criminal earnings/revenue are deposited into bank accounts or converted to negotiable,
redeemable or saleable items by a series of small and anonymous transactions.
Since these deposit amounts are deliberately below the declaratory thresholds of the bank, no due
diligence verification is typically carried out. Hence, the dirty money now belongs to a legal enterprise
and can be used to acquire assets.
2. Layering
The revenue is then used to acquire legitimate assets, such as property. After these assets are acquired,
they are then sold, and often re-sold a number of times, to further distance the converted revenue from
its original source. The main purpose of this phase is concealment.
3. Integration
This phase has the objective of placing revenue into a genuine and lawful economy. Often the legitimate
businesses used are those with a high level of cash transactions (e.g. casinos). The main objective is for
MODULE 3
the final revenue to be completely disconnected from the original criminal proceeds.
Despite the process shown in Figure 3.6, completely ‘cleaning’ the money is difficult to achieve
because it requires sophisticated schemes to remove the entire traceability of ‘dirty’ money,
no matter how many times the three-phase process is put into operation (Madinger 2012).
➤➤Question 3.5
(a) What is the objective of money laundering?
(b) What sources of evidence would you consider in an investigation of money laundering activity?
Insider trading
The final type of business crime that we will discuss involves the misuse of information coming
into the possession of a person or persons associated with a business venture, when the
information is not known to the market generally. Typically, this will involve a member of the
board or a senior executive of a publicly listed corporation who has knowledge of future plans
of the corporation, an announcement in relation to the future profitability of the business or
a merger and acquisition. The ‘insider’ then uses this information to buy or sell shares in the
corporation or in another corporation involved in the relevant transaction. Such behaviour
contravenes the Corporations Act and is commonly known as insider trading.
Study guide | 223
Kamay and Hill appeared in the Victorian Supreme Court in March 2015 where they were sentenced to
terms of seven years and three years respectively for insider trading (s. 1002G of the Corporations Act),
money laundering and abuse of public office. In addition to Kamay and Hill being imprisoned,
the Criminal Assets Confiscation Taskforce was able to recover the profits generated, which were
forfeited to the Confiscated Assets Account.
Source: Adapted from ASIC 2015, ‘15-058MR Two men sentenced in Australia’s largest insider trading
case’, accessed August 2015, http://asic.gov.au/about-asic/media-centre/find-a-media-release/2015-
releases/15-058mr-two-men-sentenced-in-australia-s-largest-insider-trading-case.
MODULE 3
Sources: Adapted from In re Gay [2014] TASSC 22 (15 April 2014), accessed July 2015,
http://www.austlii.edu.au/cgi-bin/sinodisp/au/cases/tas/TASSC/2014/22.html.
Australian Securities & Investments Commission (ASIC) 2014, ASIC Enforcement Outcomes:
July to December 2013, Report 383, pp. 32–3, accessed July 2015,
http://download.asic.gov.au/media/1344494/rep383-published-11-February-2014.pdf.
Summary
In this section, we have considered seven commonly encountered business crime types:
1. workplace fraud (internally instigated fraud);
2. externally instigated fraud;
3. financial statement manipulation;
4. bribery and corruption (local);
5. bribery and corruption (international);
6. money laundering; and
7. insider trading.
This list and our brief examination of each business crime type is by no means exhaustive but
provides a foundation for considering the material in the remainder of the module.
Business crime can have a major impact on business performance and in some cases even cause
a business to fail. Many of the victims of business crime, including crimes where major financial
damage is done, are ‘first-time victims’ and many of the perpetrators of business crime are also
‘first-time perpetrators’.
224 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
In the remainder of this module, we look at how the forensic accountant can help clients to
investigate business crimes as outlined in this section, ways of detecting business crime and
how the risks can be more effectively managed. An important element of your learning from the
remainder of this module is that the fundamental techniques applied by the forensic accountant,
whether operating in investigation, detection or prevention mode, are common to all business
crime types.
APES 215, a useful source of guidance on the role of the forensic accountant, identifies four key
services:
1. expert witness services;
2. lay witness services;
3. investigation services; and
4. consulting expert services.
observed. One of the key responsibilities, as detailed in Section 3 of APES 215, relates to the duty
of professional independence. In essence, the professional independence provisions require
the forensic accountant to avoid any conflict of interest in the delivery of a forensic engagement.
Failing to manage a conflict of interest can be problematic in instances where the forensic
accountant is providing a forensic service that includes an independent expert witness testimony
but at the same time is asked to provide their client with strategic or tactical advice in the same
matter. As far as possible, it is important for these potentially conflicting roles to be avoided.
Business crime
In this module, given our focus on the investigation of business crime, we are mainly concerned
with the third of the key services listed above—‘investigation services’. APES 215 defines
investigation services as advising on or assisting ‘with an investigation … either in the context
of proceedings or can reasonably be assumed to be a matter that will be brought before a court’
(APES 215, Section 2).
• Investigation of the date of insolvency, where the forensic accountant establishes at what
time a person or entity became unable to meet their debts.
• Investigation into management/governance failure.
• Complex reconciliation, for example, between general ledger and sub-ledger where not
all of the records are available.
• Reconstruction of accounting records by application of analytical and investigative
techniques.
• Investigation into misconduct other than fraud, corruption or other criminal behaviour
(such as breach of internal controls/code of conduct).
• Asset tracing, which may be required where assets have been ‘hidden’ in such matters as
family law disputes or in cases of misbehaviour by company directors and officers.
Phase 1: Briefing
MODULE 3
A forensic accountant investigating a business crime must be as objective as possible when
they receive and respond to information and instructions. They must be alert at all times to any
bias in the briefings provided. Maintaining objectivity is an essential element to any forensic
accounting assignment. It must also be remembered that if a matter progresses to a court
hearing, the forensic accountant owes a duty to the court rather than to the client.
At the beginning of an investigation, it is common for the client’s objectives for the proposed
investigation to be poorly defined. It is important to ensure the investigation objectives are clear
to both client and forensic accountant before starting work.
The forensic accountant should also identify any tasks that are outside their area of expertise
and request assistance with those tasks.
The forensic accountant should ensure that they obtain clear, unambiguous written instructions
from the client or from the client’s instructing legal advisers as to specific allegations to be
investigated and reported on.
226 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
This information may assist the forensic accounting investigator to gather valuable information
about the person of interest, such as:
• addresses used by the person of interest;
• date of birth;
• marital status;
• employment history;
• whether the person of interest is involved in activities such as horse-racing, gambling or
various other identifiable pursuits;
• whether there is a history of insolvency or a bad credit rating; and
• corporations they are involved with.
This is not an exhaustive list of data that can be sourced and used in a profile. Of course,
forensic accountants working in a law enforcement capacity will have access to an even wider
range of information that can be legally obtained by virtue of the statutory powers available to
them. Such things as records of vehicles owned and driving licences held, for example, can be
sourced from the relevant licensing and registration authorities, as well as any prior criminal
history of the person of interest or their associates.
Study guide | 227
An important consideration is to ensure only those documents that are relevant are relied
upon for any report. A client, judge or jury may become lost with an excessive amount of
documentary evidence. It can be difficult to determine the relevance of documents at the
beginning of an investigation, so it is common to retain all potentially relevant documents
and make a determination about their relevance at a later date.
Sources of evidence
The forensic accountant needs to know how to legally obtain evidence in the possession of the
client and/or other relevant parties. Sometimes external parties may not be willing to provide
the requested evidence. It is beyond the scope of this module to examine all of the ways
evidence can be obtained and the legal processes for obtaining evidence from parties who are
unwilling to provide it. However, the following is an overview of some of the more important
aspects of a business crime investigation in terms of capturing and collating relevant evidence.
Legally admissible evidence can take many forms but will generally fall into one of the
following categories:
MODULE 3
• oral testimony;
• written testimony obtained from witnesses and converted to witness statements;
• documents;
• accounting records;
• computer-produced evidence;
• photographs;
• physical exhibits (e.g. cash, vehicles); and
• expert reports.
It should also be noted that in many jurisdictions, the retention of business documents, including
emails, is a legal requirement. In these cases, the destruction of documents that may be required as
evidence in a legal proceeding may be a criminal offence. This is discussed in Module 6.
After completing the investigation (and often progressively throughout the investigation),
the forensic accountant provides an opinion or advice based on the evidence gathered. If the
forensic accountant is not able to form an opinion as they have not yet gathered sufficient
evidence to do so, this needs to be stated, together with a statement about any further
evidence required to form an opinion and where that evidence might be sourced.
Investigator licensing
Another consideration for the forensic accountant when acting in evidence-gathering mode is
the question of licensing. In many (though not all) jurisdictions there is a licensing requirement for
people engaged in carrying out investigations into the conduct of a person. Although examining
documentation provided to a forensic accountant by another party is unlikely to fall within the
ambit of this legislation, other inquiries conducted external to the office environment could fall
within the intended ambit of the statutory provisions. The legislation is rather imprecise and it is
not possible to provide specific guidance on when licencing requirements will apply and when
they will not.
In Australia, the laws relating to conducting investigations into personal misconduct varies from
state to state. In New South Wales, pursuant to the Commercial Agents and Private Inquiry Agents
Act 2004, (NSW) s. 4, a person who is engaged to undertake any activity ‘on behalf of a second
person (not being his or her employer) … that involves finding a third person, or investigating
a third person’s business or personal affairs ’ is required to be licensed. In Victoria, under the
Private Security Act 2004, (Vic) s. 3, a person who is engaged to ‘obtain and furnish information
as to the personal character or actions of any person or as to the character or nature of the
business or occupation of any person ’ is required to be licensed. Corresponding provisions
apply in all Australian states for firms that provide these services.
MODULE 3
A forensic accountant who is likely to be engaged to carry out investigation work should check
with their local authority to determine whether they are required to be licensed in the jurisdiction
for the work contemplated. The alternative to the forensic accountant being licensed is to engage a
licensed provider to carry out those parts of the investigation that would require being licensed.
If original documents are received by the forensic accountant in a business crime investigation
and those documents are sent to another person, it is important that this transfer is appropriately
recorded and receipted. This orderly movement of original documents (including computers or
computer-produced evidence) is called the ‘chain of custody’.
➤➤Question 3.6
You have been engaged by a company to investigate an alleged workplace fraud. The allegation
is that a member of staff has been diverting payments from a client to their own personal bank
account rather than depositing them into the company bank account.
(a) What documents would you request?
(b) What, if any, other sources of evidence would you seek to obtain?
Having captured the digital evidence from computer systems, the forensic technology specialist
can assist the forensic accountant identify evidence using a range of techniques (as outlined in
Table 3.3).
MODULE 3
Table 3.3: Techniques for capturing digital evidence
Technique Explanation
Extraction of files Files may include but are not limited to documents, picture files, spreadsheets,
emails, web pages, multimedia files, deleted files and financial files.
Keyword searching A keyword list is nominated and a search is conducted over the entire computer
for hits.
Internet usage The stored files or ‘cache’ includes web pages, graphics, sound files and other
embedded files. Web mail, such as Gmail or Yahoo!, can also be located.
Link files Shortcut or link files are used to associate a shortcut or start menu item with
specific files or programs. Examples of link files include those found on your
desktop or in your start menu.
Deleted files The deletion of a file does not remove the content of that file from the hard
drive; these files can often be recovered by the IT specialist.
Metadata Metadata is ‘data about data’. This may include information such as author,
creation date, editing time, list of last 10 authors and storage file paths.
In essence, ‘the cloud’ involves the storage of data on sites remote to the owner of the data
and in locations that are sometimes not even known to the owner. The owner assumes that the
data will be there when they need it (and of course it usually is) but they no longer have physical
possession of it as they did when the data was stored on their own computer or server on their
own premises or on a premises known to them.
Issues relating to cloud computing and data ownership and security are further discussed in Module 5,
and cloud computing technology is explained further in Module 6.
Most people have an appreciation of how cloud computing operates but they don’t consider
how it impacts on the legal system. For the investigator, it may not be possible to locate all data,
especially if cloud providers have not been diligent in their storage security. The investigator
will not be able to go to a site and ‘capture’ data in the usual way. An investigator armed with
a search warrant or search order for a business premises will not find the target organisation’s
data, as it will not be on a file server at the premises where the investigator would expect to find
it; it will be located on a file server on the premises of the cloud-computing provider, which may
be located in another country. The six-stage computer forensic process described earlier breaks
down when the investigator is dealing with data stored in the cloud.
However, the legal system is responding to these new challenges, and investigators, in the
right circumstances, are seeking and obtaining court orders requiring access to data stored in
the cloud to be provided by the person or entity in control of the data. That works well if the
MODULE 3
person or persons who have knowledge of the access codes and passwords are available to the
investigator but if they are not, the investigator’s options are very limited. In some situations,
the investigator may know where the data is stored but navigating through the legal and
technical minefield to access a particular server in a particular country can often present major
difficulties in securing business records, which may be required as evidence.
A short list of the extensive number of social media sites that are routinely accessed by many
people includes Facebook, LinkedIn, Twitter, Instagram, YouTube and Yammer. Social media
usage is growing and new sites are emerging.
The main effect of the increasing use of this technology for forensic accounting is a dramatic
increase in the amount of potential information and evidence available to investigators.
The forensic accountant needs to consider the information available to them from social media
when conducting a forensic investigation.
Study guide | 231
Documents are assessed for their origin, clarity and relevance to the case. The forensic accountant
may also need to study, observe and document the behaviour and changes in behaviour of people
who are (or who may be) ‘persons of interest’ in the case.
Each case is different, so the analytical method used will necessarily be driven by the particulars
of the case and the evidence that the forensic accountant has been able to gather. It is also
important to remember that the forensic accountant may need to work with business records
(whether in hard copy or electronic form) that are deficient in some respect—records that are
incomplete, missing or damaged in a way that makes them difficult to comprehend.
It is also important to understand that ‘analysis’ of evidence is a separate process to the previous
phase where we looked at ‘gathering and securing evidence’. This is not to say that once ‘analysis’
has started, ‘gathering and securing’ has ceased—in most investigations the two phases will
operate concurrently, with the forensic accountant seeking more evidence as they are informed
by the outcome of the analysis that has been done up to that point.
Analysis of forensic evidence can take a number of forms and will need to be tailored to the
evidence available, the objectives of the investigation and the way the evidence will be used
MODULE 3
and presented.
• where electronic data is not available or scanning of hard copy data is not possible,
entering the data manually into a spreadsheet; and
• as additional data from other sources is gathered, adding this data to the spreadsheet
using a unique transactional number to confirm the transaction as recorded in different data
sets (e.g. a payment voucher number may link a purchase order, payment number and invoice
number to confirm that all are associated with the same procurement transaction).
Once all data has been entered into a spreadsheet, the forensic accountant can then proceed to
use this program to sort and filter data into ‘like fields’ (i.e. sorting the various entries according
to the information about the individual transactions). This should be done initially in date order but
in such a way that the data can be sorted or filtered as required according to other parameters
(e.g. invoice number order, voucher number order, supplier number order, payment date order).
Date Dr Cr Detail
MODULE 3
Including the account’s opening and closing balance enables cross-checking with the bank statement
being used as the data source to quickly establish if there have been any data entry errors.
Study guide | 233
Having loaded the data in date order, the forensic accountant can use the data sort functions of
Microsoft Excel to complete a number of analyses. The most useful is to sort the data to show debits
and credits grouped together along with a grouping of the details relating to transactions. This is set
out below:
Date Dr Cr Detail
2.1.20X1 $500.00 Cash deposit
12.1.20X1 $500.00 Cash deposit
19.1.20X1 $300.00 Cash deposit
1.1.20X1 $2 000.00 Salary
15.1.20X1 $2 000.00 Salary
3.1.20X1 $500.00 ATM withdrawal
11.1.20X1 $450.00 ATM withdrawal
22.1.20X1 $250.00 ATM withdrawal
9.1.20X1 $65.00 Caltex service: Petrol
28.1.20X1 $1.25 Interest charge
10.1.20X1 $85.00 Liquor purchase
2.1.20X1 $420.00 Rent
21.1.20X1 $62.00 Shell petrol
2.1.20X1 $32.00 Union fees
MODULE 3
16.1.20X1 $32.00 Union fees
5.1.20X1 $125.00 Woolworths
18.1.20X1 $142.00 Woolworths
$2 164.25 $5 300.00
This analysis achieves the following benefits for the forensic accountant:
• It highlights ‘out of the ordinary’ transactions that will need further investigation. In this case,
the cash deposits stand out as one transaction type that requires further investigation (e.g. the
recovery of a deposit slip or voucher from the bank).
• When built up month by month, it allows for the preparation of a cash flow statement for the
individual’s behaviour.
• It allows the preparation of graphs.
• It allows analysis over a period of time (e.g. one year) of the total of earnings and expenditures
by category.
• It allows quick searching by date, amount and category for specific transactions.
This last point is particularly relevant where the forensic accountant has been instructed that the
alleged (illegal) event has occurred on or around a particular date. It also reinforces earlier comments
about the importance for the forensic accountant to obtain as much information as possible about
the target so that ‘out of character’ transactions will be readily identified.
This type of analysis is, however, limited by the level of detail contained in bank statement descriptions
for transactions, which can vary.
234 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Falsification can occur in the creation of source documents, in transaction processing and
in management and financial reporting. A genuine document can be falsified to give a false
impression of a business transaction. The forensic accountant must know where to look for
falsified business documents or transactions and be able to recognise them when they are
found. This ability generally relies on experience built up over time.
Having captured all of the available documentation (whether source documents, internal
processing documents or management reports) that is or may be relevant to the case under
investigation, the forensic accountant must sort the captured evidence into a relevant and logical
order. The logical order in most cases will be date order, either the date of the transaction or the
MODULE 3
date the transaction was processed, or some other relevant date order.
Having ordered the documentation, the forensic accountant commences an analysis, looking
for a range of indicators of fraudulent transactions. We have already noted that every case is
different and the forensic accountant investigating a particular business crime will need to create
their own list of what to look for, but some common ones are:
• identifying transactions involving parties that have been indicated as being involved in
business crime transactions;
• identifying bank accounts used by the parties involved;
• identifying the transaction descriptions used in the source documents;
• identifying who within the organisation was involved in the transactions (including initiation
of the transaction, authorisation and processing);
• researching and identifying how the transactions have been ‘coded’ in the accounts of the
paying and receiving entities;
• reconciling transactions between paying and receiving entities, looking specifically for
transactions that vary as to the amount or date in the records of both payer and receiver; and
• identifying transactions that are recorded as having occurred on different dates in business
records where the date should be the same.
Study guide | 235
Quantification
Having isolated transactions that constitute evidence of a business crime, the forensic accountant
will need to move to quantify any loss suffered. Quantification is an important component of the
analysis phase and generally will be at the core of any final reporting by the forensic accountant.
The following is a non-exhaustive list of the reports that can be prepared to quantify the losses
that may have been suffered. The forensic accountant may prepare a report:
• for the client so that the client can make a decision as to what, if any, further action should be
taken (in some cases the quantum of the business crime will be below a set threshold, so the
client may not wish to take further action);
• for use by the client’s legal advisers in order to prepare a claim against one or more other
parties in a civil jurisdiction;
• for use in reporting the matter to the police or another law enforcement agency (note that
in many jurisdictions, there is no mandatory requirement to report the matter to the police,
so it is important to understand for each case the legal requirements for reporting the matter
to law enforcement); and
• for the client to pursue a claim for insurance recoveries where the client has insurance cover
for such conduct.
In its simplest form, the quantification of the financial effect of a business crime will be supported
by a schedule of transactions, which details, for example:
• unauthorised payments to an employee’s personal account (e.g. false invoicing or payroll fraud);
• payments by a business by way of a political donation in foreign jurisdictions;
• corrupt cash payments to an employee of a business from a vendor to that business;
• the value of work done at the personal property of an employee; and
• journal entries bringing to account income that has not been earned.
MODULE 3
Asset betterment analysis
One methodology often used by forensic accountants in intelligence-led business crime
investigations is ‘asset betterment’ analysis. The asset betterment analysis records, at specific
points of time, the assets and liabilities of a ‘person of interest’ to the investigation from which
the forensic accountant will be able to calculate the ‘net wealth’ of the person and changes in
their net wealth over time.
The forensic accountant can compare the resulting net wealth across periods and establish:
• patterns of growth and diminution in net wealth; and
• periods in which net wealth changes have occurred.
By being able to identify the changes in net wealth and the periods in which those changes
occurred, the forensic accountant will be able to narrow the investigation and select specific
transactions for a closer examination.
This methodology is mainly used in investigating cases where it has been alleged that persons
and/or entities have acquired wealth from the proceeds of crime. In the typical scenario, a person
with apparently limited sources of legitimate income will generate a substantial net wealth
position. Often, the assets will be held in names other than the person of interest or entities
that they control. An important focus of the asset betterment analysis will be to arrive at a clear
picture of assets that are ‘enjoyed’ by the person of interest regardless of whether those assets
are in their name.
236 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Table 3.4 lists the assets, liabilities and resulting net wealth of the person of interest at five selected
dates during the period of the alleged offending.
Assets
Cash balances –5 157 –9 563 38 722 19 157 92
Vehicles 40 790 91 540 214 230 330 275 239 035
Chattels 5 689 5 689 26 205 74 049 75 999
Real estate 115 000 115 000 115 000 1 310 000 1 310 000
Total assets 156 322 202 666 394 157 1 733 481 1 625 125
Liabilities
Loans –98 016 –285 612 –127 864 –1 180 554 –1 123 683
Total liabilities –98 016 –285 612 –127 864 –1 180 554 –1 123 683
MODULE 3
Net position 58 306 –82 946 266 293 552 928 501 442
The increases in net wealth from 30 June 20X5 to 30 June 20X6 and to 30 June 20X7 were generated
from the proceeds of criminal activity. The gains are out of proportion to the income-generating
capacity of the person of interest. Deeper investigation uncovered instances of early payouts of car
loans with cash that appeared ‘out of nowhere’ and the deposit of cash against real estate that again
had no discoverable or legitimate origin.
Figure 3.7 is a graphical depiction of asset betterment over time. This is a powerful evidentiary tool
for use in interviews and court hearings.
Study guide | 237
Asset position
$1 500 000.00
$1 000 000.00
$500 000.00
$0.00
–$500 000.00
MODULE 3
Total chattels
Total loans
Asset position
Relationship mapping
In some forensic assignments, the main objective is to understand the relationships between
people, corporations and other entities. In more complex cases, it is appropriate that this analysis
is done by a forensic accountant. A client may wish to understand more about a business partner
it has been dealing with in the past, or it may wish to understand more about a party with which
it is considering entering into a commercial relationship.
238 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Understanding the parties you have been dealing with or intend to deal with in the future means
in many cases looking behind the corporate structure or other entity to determine who the
people are behind it. Forensic accountants are sometimes engaged, therefore, to help their
client understand these relationships. Undertaking this type of work will require:
• company searching;
• social media analysis;
• contract analysis; and
• interviewing people with relevant knowledge.
The exercise of relationship mapping is often used in conjunction with building a profile of a
‘person of interest’ (discussed earlier).
Chronology analysis
Understanding a sequence of relevant events is often highly important in a forensic engagement.
Being able to provide an accurate chronology of events and present this in a compelling format
is frequently a key objective of a forensic assignment.
Using the same information sources as for relationship mapping, the forensic accountant can
prepare an accurate chronology of events for use in further analysis of the available evidence and
presentation to their client or to the court.
Once the chronology has been completed, it can be documented in ways that are appropriate to
the case (see later in this module for more information on software commonly used by forensic
practitioners to present the output of a chronology analysis presented as a ‘timeline’).
MODULE 3
Funds tracing
Forensic accountants are often required to trace the flows of funds in relation to a case of
fraud, corruption or other business crime. The most effective way of doing this is the analysis of
statements of bank accounts, but this can be augmented by analysis of an entity’s own financial
records and other sources. Being able to analyse bank statements assumes that the forensic
accountant has access to them. If not, a court order or other legal remedy may need to be
obtained through the client’s legal advisers.
Asset location
Commercial disputes may ultimately lead to court applications for the seizure and forfeiture of
property. Forensic accountants can be engaged to look for property belonging to a party or a
potential party to a dispute to inform one of the litigants regarding their prospects of obtaining a
successful outcome to the legal proceedings. Asset location can involve searching public records
and the business records of the people and entities concerned. Again, court orders may be
required for the forensic accountant to gather the necessary information to carry out the analysis.
Assets that can be located or traced using these approaches can include:
• real estate;
• motor vehicles;
• vessels;
• aircraft;
• cash;
• bank deposits;
• trust deposits;
• shares and other securities;
• receivables; and
• machinery and equipment.
Study guide | 239
The forensic accountant needs to have an inquiring mind in order to locate assets, some of which
may have been deliberately concealed from the investigation process. They also need to have a
reasonable level of understanding of the publicly available data that may give an indication of the
existence of an asset.
Phase 6: Reporting
On completion of a business crime investigation, the forensic accountant will need to prepare
a report on the outcomes of their work. Such a report will potentially support the client’s case
should the matter proceed to court. The report must be accurate, concise and capable of
being clearly understood. It should attach all documentary evidence (or extracts from relevant
documentary evidence) used in formulating the forensic accountant’s conclusions or opinions.
The report must also comply with the requirements of APES 215 Forensic Accounting Services
and the expert witness requirements of the court or tribunal in which the matter will be heard.
The overarching requirement of APES 215 and the expert witness guidelines are generally that
the primary duty of the expert witness is to assist the court.
For example, in the ‘Expert witnesses in proceedings in the Federal Court of Australia—Practice
Note CM 7’, the following duties are imposed on an expert witness in Federal Court proceedings:
1. General Duty to the Court
1.1 An expert witness has an overriding duty to assist the Court on matters relevant to the expert’s
area of expertise.
1.2 An expert witness is not an advocate for a party even when giving testimony that is necessarily
evaluative rather than inferential.
MODULE 3
1.3 An expert witness’s paramount duty is to the Court and not to the person retaining the expert
(Allsop 2013).
The forensic accountant should always work on the presumption that the matter will proceed to
court and conduct the engagement accordingly (i.e. the rules of evidence must be strictly adhered
to even if there is no current indication that the matter will proceed to court). It is important that
the report of investigation into a business crime is set out in a clear and concise report that can
be understood by a third party reader (such as a judge), and that presents the findings in a clear,
logical and compelling way.
When preparing and structuring a report, the style of the report should:
• be clearly expressed and not argumentative in tone;
• be centrally concerned with expressing an opinion upon a clearly defined question or
questions based on the expert’s specialised knowledge;
• identify with precision the factual premises upon which the opinion is based;
• explain the process of reasoning by which the expert reached the opinion expressed
in the report;
• be confined to the area or areas of the expert’s specialised knowledge; and
• identify any pre-existing relationship (such as that of treating medical practitioner or a firm’s
accountant) between the author of the report, or their firm, company, etc., and a party to
the litigation.
240 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
In addition to the report content as set out above, the report needs to address the specific
requirements set-out in APES 215:
(a) the instructions received, whether oral or written;
(b) any limitations on the scope of work performed;
(c) whether any of the opinions, findings or conclusions of the Member are not based wholly or
substantially on the Member’s specialised knowledge derived from training, study and
experience;
(d) the relationships, if any, the Member or the Member’s Firm or the Member’s Employer has with
any of the parties to the Proceedings that may create a threat or a perceived threat to the
Member’s obligation to comply with the fundamental principles of the Code or the Member’s
paramount duty to the Court, and any appropriate safeguards implemented;
(e) the extent, if any, of reliance by the Member on the work of others;
(f) the opinions formed, or Other Evidence given, by the Member;
(g) whether an opinion or Other Evidence is provisional rather than concluded, and, if so,
the reasons why a concluded opinion has not been formed;
(h) the significant facts upon which the opinions or Other Evidence are based;
(i) the significant assumptions upon which the opinions or Other Evidence are based and the
following matters in respect of each significant assumption:
(i) whether the Member was instructed to make the assumption or whether the Member
chose to make the assumption; and
(ii) if the Member chose to make the assumption, then the reason why the Member made
that choice;
(j) if the Member considers that an opinion or Other Evidence of the Member may be misleading
MODULE 3
because a significant assumption is likely to mislead, then a statement to that effect and an
explanation of why the assumption is likely to mislead;
(k) where applicable, that the Member’s opinion or Other Evidence is based upon another
person’s report;
(l) the reasoning by which the Member formed the opinions or arrived at the Other Evidence,
including an explanation of any method employed and the reasons why that method
was chosen;
(m) a list of all documents and sources of information relied upon in the preparation of the Report;
(n) any restrictions on the use of the Report; and
(o) a statement that the Expert Witness Service was conducted in accordance with this Standard.
(APES 215, para. 5.6).
Spreadsheets Using Microsoft Excel to produce tables of data will greatly assist in
communicating the outcome of the work that has been performed by the
forensic accountant. Extracts of these spreadsheets can be embedded in the
forensic accountant’s report.
Information database Microsoft Access, Filemaker Pro, iBase and other commonly available databases
are powerful tools for presenting complex evidence as they can be used to
highlight linked transactions that would otherwise not be readily seen.
Graphs Using Microsoft Excel in standard and non-standard modes will help you to
prepare charts and graphs that have a high visual impact. These graphs can be
embedded in the forensic accountant’s report.
Document imaging Ringtail is a litigation support software application that makes it possible to
capture, store and then present images of documentary evidence in legal
proceedings.
MODULE 3
Source: CPA Australia 2015.
➤➤Question 3.7
Go to: http://www-03.ibm.com/software/products/en/analysts-notebook for further information
about the capability of the Analyst’s Notebook.
How do you think Analyst’s Notebook would assist in preparing a forensic accountant’s report
in a business crime investigation?
242 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
• Midland is a well-established tertiary institution based in Dunedin, on the South Island of New
Zealand. In 20X0, Midland’s board decided to establish the university’s first international business
campus in Kuala Lumpur (KL), Malaysia. The KL campus is intended to establish a ‘Centre for
International Trade’.
• The Board appointed KL business man Lew Guangli as Director of the new KL campus. Lew’s first
task was to oversee the construction of the new facility. Lew immediately appointed his brother-
in-law Yong Huojin as Business Manager of the KL operation. This move was questioned by the
board at the time because of the haste with which the appointment was made.
• The board did not do a lot of due diligence for the appointment of Lew Guangli, although the
board was, however, to receive regular financial reports during the construction process. At the
time of his appointment, Lew came with a strong recommendation by a member of the board
who had significant dealings with him in his own business in Malaysia, and who has since moved
on from the Midland board.
After a planning period of two years and construction lasting two years, costing more than
NZD 140 million, the main buildings at the KL campus were finished in August 20X4 and were ready
to accept students from March 20X5, with the only outstanding work being landscaping and car parks.
• The primary contractor for the construction was ‘Ampang Constructions’ (Ampang), the principal
of which is Bunga bin Kartika.
MODULE 3
• The board has become increasingly concerned at a reported cost blowout which has become
apparent from the financial reports they have received. The building project looks like finally
coming in around NZD 25 million over budget against an original estimate of NZD 115 million to
be paid out of Midland reserves.
The board has asked Lew to provide details for the cost blowout but his responses are rather vague
and lacking in detail. The board wants answers.
• You are Manager, Corporate Assurance of Midland and are based in Dunedin. The VC seeks
your advice.
(a) Do you think there are grounds for an investigation? On what basis?
(b) Is there anything you could do ‘behind the scenes’ to investigate the concerns at this point?
Study guide | 243
• A whistleblower from within Midland’s Finance Department (based at Dunedin) has contacted
the VC by email and raised serious concerns about the conduct of Lew Guangli. She told the VC
that Lew has a ‘very cosy’ relationship with Bunga bin Kartika and that he is also very close with
Yong Huojin.
The whistleblower also says that she has done some background investigation of her own and found
evidence that leads her to the following conclusions:
– Ampang was one of five builders who submitted tenders and was the lowest priced tender coming
in around 5 per cent below the next quotation.
– Since construction commenced, there has been a continuous stream of ‘variations’, all of which
have been signed off by Lew and which amount to 21 per cent of the original quotation.
– Midland procedures require contract variations of more than 5 per cent of an original quotation
to be signed off by the VC and another Midland executive. However, 15 variations (all of which
were under 5%) have been signed by Lew Guangli and Yong Huojin. The whistleblower alleges
that the invoices for variations have been ‘split’ so that there was no need for the VC and another
executive to authorise them.
– Lew Guangli lives on a rural property 50 km from KL and recently completed a house on his
property that locals say is worth upward of RM 7 million.
(a) Is there any data analysis that could be done that would identify transactions for further
investigation? How would you do that?
(b) Using the six-phase investigation process discussed previously, what detailed investigations
would you consider in light of what you currently know?
MODULE 3
Case Study 3.3: Midland University of Technology
Your preliminary investigations uncover:
• Emails between Lew Guangli and Bunga bin Kartika going back prior to the tender being awarded
include significant communication between them in relation to the tender and the tender pricing—
it appears from the emails that this information was not provided to other tenderers.
• Lew is on an annual salary of RM 1.2 million before bonuses (which are expected to be around a
further RM 700 000) if certain growth targets are met.
• Construction of Lew’s house was started just three months after the construction contract to
Ampang was awarded and before construction started on the KL campus.
• Information has been received that Yong Huojin is also planning to build a new house on his land
near to Lew’s new house.
• A follow-up call from the whistleblower to the VC indicates that the builder for both Lew’s and
Yong’s new houses is Ampang.
• Initial analysis of the project overruns shows that one significant item was bricks—it appears that
Lew’s house is a large brick residence.
• Lew Guangli provided information to Ampang in relation to the construction project that was
not provided to other tenderers—this information was provided by Lew from his work computer
using his Gmail email account.
• Lew’s stated reason for assisting Ampang over the other tenderers is that ‘they were a local firm
and I knew they could do the job and do it well’.
• Lew Guangli and Yong Huojin allowed Ampang to submit a ‘non-complying tender’ but allowed
it to lower its price when its revised ‘complying’ tender was lodged. In the tender as lodged
initially, Ampang was the highest priced tender but the revised tender price was the lowest of
the five tenders received.
• Ampang built a house for Lew and is currently building a residence for Yong. Construction
consultants indicate that the cost of these residences is around 60 per cent of typical construction
costs for those types of projects.
• Lew denies getting any advantage from Ampang in the construction of his house, saying that they
just happened to be the cheapest of three building quotations he received at around the same
time that tenders for the Midland’s International Business Campus were being met.
• There is evidence that bricks used in the construction of both residences match the description
of bricks delivered to the KL International Business Campus construction site.
(a) What recommendations do you make to the VC on the basis of the evidence you currently
MODULE 3
have?
(b) Is there a case for involving the police? If so, what are the key considerations in preparing
your report?
Summary
Forensic accounting is a highly specialised area of the accounting profession covering a broad
range of assignments. It is incredibly varied and interesting, but it does require particular skillsets
that must be acquired over many years of experience before a forensic accountant can consider
themselves truly competent.
One of the key aspects of all forensic accounting assignments is a ‘focus on evidence’. The forensic
accountant is primarily concerned with gathering, securing and analysing evidence relevant to a
business crime investigation and then presenting the outcome of this work as clearly as possible.
In carrying out assignments in this area of practice, accountants are bound by the relevant
accounting standard (APES 215) and a variety of legal requirements including the rules of
evidence. The expert witness guidelines of various courts also make it clear that forensic
accountants are servants of the court when giving evidence and must recognise at all times
their paramount duty to the court as distinct from the client who appointed them.
To be effective, reports prepared by a forensic accountant for courts and clients must conform
to the principles of accuracy, clarity, independence, assumptions and relevance, and must be
properly referenced.
Study guide | 245
The six ‘symptoms’ or ‘fraud alerts’ proposed by Albrecht & Albrecht et al. (2014) are as follows:
1. accounting anomalies;
2. internal control weaknesses;
MODULE 3
3. analytical fraud symptoms;
4. extravagant lifestyle;
5. unusual behaviour; and
6. tips and complaints.
Table 3.6 provides a brief summary of the factors that can be considered in each of these
categories.
246 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Source: Adapted from Albrecht, W. S. & Albrecht, C. O. et al. 2014, Fraud Examination,
5th edn, South-Western Cengage Learning, Mason, Ohio.
It is important for all people involved with a business to be alert to the indicators of fraud.
The anomalies that indicate a potential fraud will vary depending on the fraud type—anomalies
that might indicate a payroll fraud will be very different to anomalies that indicate an accounts
payable fraud.
Study guide | 247
➤➤Question 3.8
Payroll fraud (involving the payment of salary and wages to a fictitious employee) will present a
different range of accounting anomalies to accounts payable fraud.
List three accounting anomalies that may be associated with payroll fraud.
MODULE 3
the same methods can be used to analyse evidence captured during a forensic investigation.
One of the main ways this is done is by looking at the performance of specific elements of the
business and comparing this performance with relevant benchmarks. This analysis can take
two forms, often referred to as:
1. horizontal analysis; and
2. vertical analysis.
Horizontal analysis
Horizontal analysis is where a raw value is compared with the corresponding raw value in other
years or periods. Horizontal analysis, unlike vertical analysis, does not consider benchmarks
outside the business’s own records. The steps for a horizontal analysis are as follows:
Step 2: Calculate the percentage change in each raw value from year to year.
Step 4: Consider and investigate the reasons for any unusual movements.
248 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Vertical analysis
Vertical analysis is where items are calculated as a percentage of a base number, which is then
compared to previous periods or other external benchmarks (e.g. computer expenditure as a
percentage of sales).
Step 2: Calculate a relevant ratio for each raw value (e.g. ratio of computer expenses to sales).
Step 3: Source suitable benchmark data for comparative analysis (e.g. data from the industry
in which the business operates—much of this information is available from IBIS). Ratios in
the company’s own business can also be used along with those from other businesses
operated by the same company.
Step 4: Consider and investigate the reasons for any unusual differences.
The concept of horizontal and vertical analysis can be somewhat confusing as they are very
closely aligned. However, understanding the differences can be quite straightforward if you
think of horizontal analysis as an analysis of change in raw numbers from period to period
without reference to benchmark data. Vertical analysis, on the other hand, converts the raw values
into a variety of ratios (which are recorded vertically to the side of the raw values). These ratios
are then compared against industry benchmarks or against corresponding ratios for the business
in other periods.
MODULE 3
Horizontal analysis Vertical analysis
% Industry Diff. Ind. Diff. Ind.
Year 1 Year 2 Change Change average Av. Year 1 Av. Year 2
Profit and loss
Sales 250 000 100% 450 000 100% 200 000 80% 100% 0% 0%
Cost of goods sold 125 000 50% 300 000 67% 175 000 140% 42% 8% 25%
Gross margin 125 000 50% 150 000 33% 25 000 20% 58% –8% –25%
Operating expenses
➤➤Question 3.9
Net income 15 000 6% –25 000 –6% –40 000 –267% –28% –22% –34%
Balance sheet
Assets
Current assets
Cash 45 000 14% 15 000 4% –30 000 –67%
Accounts receivable 150 000 45% 200 000 47% 50 000 33%
Inventory 75 000 23% 150 000 35% 75 000 100%
Fixed assets (net) 60 000 18% 60 000 14% — 0%
Liabilities
Current liabilities
Accounts payable 95 000 29% 215 000 51% 120 000 126%
Non-current liabilities
Long-term debt 60 000 18% 60 000 14% — 0%
Equity
techniques, identify indicators of possible fraudulent activity for further investigation.
MODULE 3
250 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
A good example of real-time data analysis approaches is the very sophisticated software used by
banks to identify credit card fraud. This software can identify potentially fraudulent transactions
almost instantaneously by comparing transactions that are in process against the typical spending
pattern of that card holder. Fraudulent credit card transactions of course need to be identified at
the time because once the items have been handed to the fraudster, the bank will have suffered
a loss as credit card transactions, once they are approved, are guaranteed by the issuing bank.
Software is now available that can be used by businesses outside the financial services sector to
identify indicators of fraudulent transactions. The tests performed are essentially the same as for
the analysis of historical data, but it is performed continuously. The aim is to alert the business
about the potentially fraudulent transactions as soon as possible after they have occurred—
the business is then able to do something immediately to minimise losses.
Study guide | 251
Summary
Fraud detection is a relatively new area within business. Traditionally, business has been quite
reactive to the issue of fraud and corruption. There are a range of tools and techniques that
can be used to help detect fraud in a timely fashion so that incidents are identified earlier,
which reduces the exposure to further incidents and assists in reducing any losses.
In the next section, we will look at other proactive measures, collectively referred to as
‘business crime prevention’, which can be taken in the control of business crime.
MODULE 3
3. Know your risks.
4. Know your people.
5. Know your customers and suppliers.
6. Remember the ‘three Ps’—planning, planning and planning.
7. Implement specific anti-corruption measures.
8. Create a heightened awareness of fraud and corruption.
9. Open the channels of communication.
10. Implement a fraud detection program.
The most important output contemplated in the fraud risk assessment process set out in AS 8001–
2008 is the ‘treatment program’ for identified risks. Such treatment programs may involve:
• Risk avoidance (discontinuing the activity giving rise to the risk or transferring the risk
associated with that activity to another party, e.g. the risks surrounding banking cash,
which can be transferred to another party by arranging a cash collection service).
• Improved internal control in relation to the business activity giving rise to the risk or the
risk itself.
• Improved detection program (to ensure that the risk, if it does occur, is identified as quickly
as possible.
• Risk retention with no treatment program on the basis that it is a relative low-level risk
that would have a relatively low impact on the organisation if it did occur (AS 8001–2008
Fraud and Corruption Control, s. 3.6).
➤➤Question 3.10
Consider the procurement/accounts payable system of an organisation that you have dealt with.
List at least three fraud risks associated with that system.
Identifying internal control weakness after the fact is actually easy—every management team
dealing with a post-business crime crisis will be able to point to what went wrong from an internal
control perspective. A more difficult, although by no means impossible, task is to identify internal
MODULE 3
control weaknesses that may give rise to a higher risk of business crime before it occurs.
The main issue is often resourcing. Just about every business organisation would like to have
a more robust internal control regime but is constrained by limited funding. Effective internal
controls need people:
• to perform the controls themselves in the traditional sense (including to properly vet and
authorise at the time of processing or to review transactions after processing to ensure that
internal controls are being adhered to); or
• to monitor the internal control benefits arising out of analysis of transactional data.
In our current highly competitive environment, business is diverting increased human capital to
revenue-generating roles, rather than roles that are seen by many senior executives as merely
an impost on the business.
Ensuring good internal controls should be seen as one element in an overall business risk management.
Other aspects of risk management are discussed in Module 5.
Table 3.7 highlights the features of a robust internal control program that would help organisations
to guard against a range of business crime.
Study guide | 253
Feature Explanation
Adequate segregation Segregation of duty is the main internal control we think of, but it also the one
of duty that is becoming increasingly difficult to implement as businesses look to reduce
costs by reducing staff numbers. The basic concept is that the functions of
initiating, authorising and processing transactions should be separated—no one
person should have control of all three functions in the ‘procure to pay’ process.
Vendor vetting False invoicing, a very common form of business crime, is made possible by
poor vendor registration controls. A robust program for vendor registration
will include proper vetting of the proposed supplier/provider. This is aimed
at ensuring that the business is genuine and that there is a proper business
purpose for dealing with them.
New vendors need to be properly scrutinised before they are entered into the
vendor management system and before the first payment is made to them.
There needs to be a proper consideration of the business case for dealing with
MODULE 3
each new vendor.
Access to the general ledger through a direct journal module should be strictly
limited. All journal transactions processed should be subject to regular and
independent scrutiny.
Data warehouse Organisations currently deal with massive amounts of data. Unless that data
is available to the business via a data warehouse, the benefit of the data can,
from an internal control and anti-business crime perspective, be lost.
AS 8001–2008 provides current best practice guidance in terms of fraud control planning.
Drawing on the content of AS 8001–2008, organisations seeking to develop a robust fraud
control program should develop a fraud control plan based on the following principles:
• comply with AS 8001–2008 (or other similar guidance);
• consultation and review;
• address high-level performance gaps;
• address, at a high level, the fraud risks identified in the risk assessment phase; and
• consider organisational culture.
AS 8001–2008 Fraud and Corruption Control includes a suggested framework for a fraud
control plan in Appendix A.
bribery effectively began in November 1997 when Organisation for Economic Cooperation
and Development (OECD) member countries and five non-member countries adopted
the Convention on Combating Bribery of Foreign Public Officials in International Business
Transactions (the OECD Convention).
The convention came into force on 15 February 1999 and, as at May 2014, a total of 41 countries,
all 34 OECD member countries and seven non-members (Argentina, Brazil, Bulgaria, Colombia,
Latvia, Russia, and South Africa) are parties to the convention (OECD 2014).
You can read about the background and history of the OECD Anti-Bribery Convention at:
http://www.oecd.org/corruption/oecdantibriberyconvention.htm; and
http://www.oecd.org/daf/anti-bribery/ConvCombatBribery_ENG.pdf.
Following adoption of the OECD Convention, the United Nations adopted its own Convention
against Corruption (UNCAC) in October 2003 (United Nations 2004) which, by September 2015,
had been signed by 177 countries.
There has been an increased focus on anti-bribery measures in Australia in recent years,
particularly since 2011. This increased focus has resulted from the introduction of the UK Bribery
Act in 2010 and the prosecution of a number of Australian corporations and individuals in
connection with the Securency case outlined in Example 3.12.
There are a number of measures that can be used to prevent bribery, including:
• legislative;
• enforcement; and
• compliance mechanisms.
Legislative mechanisms include both ‘hard law’ (binding legislative requirements) and
‘soft law’ (non-legislative pronouncements intended as guidance to for-profit organisations
and governments).
Study guide | 255
The hard law mechanisms are country-specific laws against bribery within that jurisdiction and
extraterritorial laws aimed at criminalising domestic entities engaging in corrupt practices
in foreign jurisdictions, such as the US FCPA. The soft law mechanisms include the UNCAC,
the OECD Convention and activities by Non-Governmental Organisations (commonly referred
to as ‘NGOs’) such as Transparency International.
With respect to enforcement, there are many agencies who are active in investigating potential
breaches of anti-bribery legislation, such as (in the United States) the Department of Justice,
the Securities and Exchange Commission and the Federal Bureau of Investigations, and
(in Australia) the Australian Federal Police and the Australian Crime Commission.
There are currently a number of anti-bribery legislative regimes that Australian corporations,
government agencies and other entities must with comply with. Compliance with each of the
following pieces of legislation, as appropriate to the jurisdictions in which a corporation or
other entity operates, is seen as the first line of defence in combatting international corruption:
• Foreign Corrupt Practices Act 1977 (United States);
• Criminal Code Act 1995 (Australia); and
• Bribery Act 2010 (United Kingdom).
MODULE 3
Since 1977, the anti-bribery provisions of the FCPA have applied to all US persons and
certain foreign issuers of US securities. With the enactment of certain amendments in 1998,
‘the anti‑bribery provisions of the FCPA now also apply to foreign firms and persons who
cause, directly or through agents, an act in furtherance of such a corrupt payment to take place
within the territory of the United States’ (U.S. Department of Justice 2015). Some of the largest
FCPA corporate cases prosecuted have involved non-US companies such as Siemens. The US
government continues to actively pursue non-US companies and individuals.
The FCPA also requires companies whose securities are listed in the United States to meet its
accounting provisions. These accounting provisions, which were designed to operate in tandem
with the anti-bribery provisions of the FCPA, require corporations covered by the provisions to:
(a) make and keep books and records that accurately and fairly reflect the transactions of the
corporation; and
(b) devise and maintain an adequate system of internal accounting controls (U.S. Department of
Justice 2015).
Penalties for individuals who breach the FCPA including the accounting provisions, include fines
of up to USD 5 million and imprisonment for up to 20 years. For corporations and other business
entities, fines of up to USD 25 million are available to the courts. Under the Alternative Fines Act,
courts may impose significantly higher fines than those provided by the FCPA including up to
twice the benefit that the defendant obtained by making the corrupt payment.
Australia does not have a Foreign Corrupt Practices Act (like the United States does); instead,
the Criminal Code Act was amended by the proclamation of Criminal Code Amendment
(Bribery Of Foreign Public Officials) Act 1999 (Cwlth). This amendment Act is known informally
as the Bribery of Foreign Public Officials Act. It criminalises bribery payments that are made to
a public official where the aim is to illegitimately acquire some business advantage. The foreign
bribery provisions of the Criminal Code Act are found in Division 70 of the Act.
Penalties for individuals who breach the bribery provisions of the Australian Criminal Code
Act include imprisonment of not more than 10 years, a fine not more than 10 000 penalty units
(one penalty unit is currently equivalent to AUD 180) or both the imprisonment and a fine.
Penalties for corporations include a range of sentencing fine options up to, whichever is the
greater of:
• 100 000 penalty units (currently AUD 18 million);
• three times the value of the benefits derived by the corporation (where this can be
determined); or
• 10 per cent of annual turnover during the 12 months ending in the month the offence occurred.
The Australian Government has been criticised by the OECD for its lack of enforcement of anti
bribery laws. According to a 2011 survey of 88 company executives undertaken by Baker &
MODULE 3
McKenzie LLP, 64 per cent felt that Australian laws were not adequately enforced (Schneider 2011).
As of November 2011, Australia had only prosecuted one case, charging Reserve Bank of
Australia’s units Securency International Pty Ltd and Note Printing Australia Ltd, as well
as employees at the companies, for corrupt payments to obtain banknote printing contracts
(as discussed in Example 3.12). Other cases, such as the Australian Wheat Board (AWB) ‘oil-for-
food scandal’, were investigated and, in the case of AWB, subject to a Royal Commission of
Inquiry (as discussed in Example 3.9).
Penalties for individuals and corporations who breach the UK Bribery Act are severe with individuals
liable to imprisonment for up to 10 years and/or a fine and for corporations a substantial fine
(from April 2015, the fines that can be imposed for offences under the Bribery Act are ‘unlimited’).
It follows from a reading of the provisions of Section 7 that corporations need to be more
‘proactive’ than ‘reactive’ in their anti-bribery response if they are a ‘relevant commercial
organisation’, in effect, if they do business in the United Kingdom. If they fail to take proactive
steps aimed at implementing ‘adequate procedures designed to prevent persons associated
with it from undertaking such conduct’ they may be criminally liable for the conduct of their
people who are involved in bribing foreign officials. An overview of those steps is set out later
in this module.
Only the UK legislation makes it illegal to receive a bribe. Previously, the US FCPA permitted
so-called ‘facilitation payments’, as does the Australian legislation. A ‘facilitation payment’
is defined in the criminal code as a payment that is of nominal value, paid for the sole or
predominant purpose of expediting a minor routine action that is documented by the payer
of the facilitation payment.
MODULE 3
The facilitation payment provisions have now been reversed in the United States so that,
consistent with the UK legislation, facilitation payments as well as bribes are banned. Australian
legislation still permits facilitation payments.
Fines in the UK legislation are unlimited whereas there is a cap in the US and Australian
legislation. All three jurisdictions permit fines linked to the benefit that has been generated
for the organisation by the payment of bribes.
The 2010 case is a good example of where the corrupt transactions would have been rendered less
likely to occur had Alcatel-Lucent complied with relevant anti-bribery legislation.
Alcatel-Lucent’s subsidiaries used a network of consultants to channel bribes worth more than
USD 8 million to government officials to obtain or retain telecommunications and other contracts.
Alcatel-Lucent agreed to pay more than USD 45 million to settle the charges and to pay an additional
USD 92 million to settle criminal charges by the U.S. Department of Justice.
‘Alcatel and its subsidiaries failed to detect or investigate numerous red flags suggesting their
employees were directing sham consultants to provide gifts and payments to foreign government
officials to illegally win business,’ said Robert Khuzami, Director of the SEC’s Division of Enforcement.
‘Alcatel’s bribery scheme was the product of a lax corporate control environment at the company.
Source: U.S. Securities and Exchange Commission 2010, ‘SEC charges Alcatel-Lucent with FCPA
violations’, Media release, accessed July 2015, http://www.sec.gov/news/press/2010/2010-258.htm.
258 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
It is clear that corporations and other organisations operating globally need to take a proactive
approach to foreign bribery for two reasons. Firstly, they need to ensure that their corporate
reputation is not tarnished by the negative publicity associated with discovery of foreign bribery
and, secondly, they need to ensure that they can demonstrate that they have implemented
systems and controls that are likely to be effective in preventing bribery in order to provide an
effective defence against charges that the organisation itself committed an offence through to
conduct of one or more of its personnel.
These principles serve as useful guide for measures that should and could be taken by
organisations seeking to manage the risk of bribery in their international operations particularly
when there are concerns about complying with the Bribery Act (UK).
For further detail about the six principles of the UK Ministry of Justice anti-bribery guidelines see:
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/181762/bribery-act-
2010-guidance.pdf.
The U.S. Department of Justice and Securities and Exchange Commission has issued its Resource
Guide to the U.S. Foreign Corrupt Practices Act. In this guide, the section ‘Hallmarks of Effective
Compliance Programs’ sets out anti-bribery guidelines and these are in line with those of the
United Kingdom.
Commitment from Senior • Boards and senior executive to set ‘proper tone’ for the company
Management and a • Commitment to culture of compliance that is reinforced internally
Clearly Articulated Policy • Avoid compliance programs that are ‘strong on paper’ but are not
Against Corruption implemented often due to a culture of aggressive sales personnel
preventing compliance personnel from doing their job
• Compliance fails when companies choose ‘profit’ over ‘compliance’
Code of Conduct and • Most effective Codes of Conduct are ‘clear, concise and accessible to
Compliance Policies all employees’
and Procedures • Need to ensure that the code is current and effective
• Policies and procedures must set out compliance responsibilities,
internal controls, auditing and documentation
MODULE 3
business opportunity, potential business partners, level of
involvement with government
Incentives and • Appropriate and clear disciplinary procedures that are applied reliably
Disciplinary Measures and promptly
• Publicising disciplinary action can have a deterrent effect
• Positive incentives can also drive compliant behaviour (e.g. personal
evaluations, promotions, rewards for improving and developing the
compliance program, rewards for ethics and compliance leadership)
• Reward ‘doing the right thing’
Confidential Reporting • Mechanism for employees and others to report suspected or actual
and Internal Investigation misconduct or violations of the company’s policies
• Once an allegation is made, companies should have in place efficient and
reliable investigation processes
• Leverage from the ‘lessons learned’ through the investigation of reported
violations.
260 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Mergers and Acquisitions: • Important for a company to carry out appropriate due diligence at the
Pre-Acquisition Due time of a merger or acquisition
Diligence and Post- • Lack of due diligence may mean that corrupt practices present in the
Acquisition Integration local entity will continue following the transaction
Source: Adapted from U.S. Department of Justice and SEC 2012 ‘A Resource Guide to the U.S. Foreign
Corrupt Practices Act’, accessed November 2015,
http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf.
• opening channels of communication within the entity so that employees have a range of
alternative avenues for reporting concerns in relation to possible corrupt conduct; and
• opening channels of communication with customers, vendors and other third parties aimed
at encouraging those parties to come forward if there is an indication of corrupt conduct
involving the entity or any person associated with the entity (AS 8001–2008).
AS 8001–2008 also refers to Business Principles for Countering Bribery published by Transparency
International. The 2013 edition of this document sets out the key anti-bribery principles:
• developing business principles for anti-bribery within the organisation;
• developing a program for countering bribery;
• risk assessment;
• establishing the scope of the anti-bribery program; and
• establishing program implementation requirements (Transparency International 2013, p. 6).
Summary
Fraud and corruption prevention is generally not done well. A sense of complacency often
permeates the business community—proactive measures are typically implemented only in
response to a major incident. Organisations should consider whether they do have an exposure
to fraud and corruption and, if so, objectively consider the potential damage that could be done.
If there is an exposure to fraud and corruption, the fraud prevention measures set out in this
module could be implemented. CPA Australia members have a role in working with their clients
and employers to determine whether there is an exposure to fraud and corruption, and whether
a program for management of the fraud and corruption risk is warranted.
Study guide | 261
Review
This module provided an overview of the range of business crimes encountered by businesses
and government agencies, and discussed how forensic accountants are being engaged to assist
in the investigation, detection and prevention of such activity.
First, we looked at how forensic accounting is now an established separate discipline and how
APES 215 has been issued to assist practitioners. We noted that tertiary education in forensic
accounting is becoming more widely offered by universities and colleges, while many major
accounting firms now contain specialist forensic divisions. The role of ‘forensic accounting’ is
seen as a relatively new, but now well-established, discipline within the accounting profession.
We also highlighted the important point that an accountant does not need to be a ‘forensic
accounting’ specialist to be bound by the provisions of APES 215—any accountant who is
member of a professional body that has adopted this standard (including CPA Australia) and
who is delivering any of the services described in APES 215 is subject to that standard and must
comply with its requirements.
We then covered the concept of ‘business crime’ and its impact on victim organisations.
Business crime can have a major effect on businesses and in some cases even cause a business
to fail.
The next section discussed how the forensic accountant can help clients to investigate business
crimes. It covered ways of detecting business crime and how the risks can be more effectively
managed. We highlighted that one of the key aspects of all forensic accounting assignments
is a focus on evidence, where the forensic accountant is primarily concerned with gathering,
MODULE 3
securing and analysing evidence relevant to a business crime investigation and then presenting
the outcome of this work as clearly as possible.
We reinforced that in carrying out assignments in this area of practice, accountants are bound
by the relevant professional standard (APES 215) and a variety of legal requirements, including
the rules of evidence. We then discussed how the expert witness guidelines of the various
courts make it clear that forensic accountants are servants of the court when giving evidence
and must recognise at all times their paramount duty to the court as distinct from the client who
appointed them. Their reports for courts and clients must, in order to be effective, conform to
the principles of accuracy, clarity, independence, assumptions and relevance, and be properly
referenced. In addition, the module considered the need for an appropriate investigator licence
in certain situations.
The next section discussed fraud detection. We noted that, traditionally, business has been quite
reactive to the issue of fraud and corruption. We discussed a range of tools and techniques that
can be used to help detect fraud in a timely fashion, enabling incidents to be identified earlier.
Finally, we looked at business crime prevention. We mentioned that fraud and corruption
prevention is something that is generally not done well. We discussed how organisations should
consider whether they have an exposure to fraud and corruption and, if so, objectively consider
the potential damage. If there is an exposure, the fraud prevention measures set out in this
module could be implemented.
MODULE 3
Suggested answers | 263
Suggested answers
Suggested answers
Question 3.1
(a) Failing to detect fraud early has a dramatic impact on the total loss for organisations.
The longer the fraud continues, the greater the loss, as shown in Figure 9 in the ACFE report.
The implication of this is that a perpetrator of workplace fraud will continue to offend until
MODULE 3
they are caught. For example (looking at Figure 9), the median fraud loss from incidents
picked up in less than seven months was only $50 000, while the median loss from incidents
picked up in 61 months or more was $965 000. It is interesting to note the linear progression
of the median loss between those extremes. As the report notes, ‘the longer frauds were
able to go undetected, the more costly they become’ (ACFE 2014, p. 16).
(b) External audit was involved in detecting only 3 per cent of detected fraud cases (i.e. not 3%
of cases that actuall y occur). This compares with 3.3 per cent in 2012 and 4.6 per cent in
2010. This contrasts with the expectation of some people in business that an external audit
will be effective in detecting fraud.
(c)
Table SA 3.1: Most common means of fraud detection in a selection of regions
Eastern Europe and Western Central Asia Tip, management review, internal audit
Latin America and the Caribbean Tip, management review, internal audit
Middle East and North Africa Tip, management review, internal audit
264 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
It is interesting to note that, consistently across the world, the most commonly reported
means by which workplace fraud is detected is via ‘tips’.
(d) The sectors with the highest rate of detected internal fraud are banking and financial
services (17% of the total number of cases reported) followed by government and public
administration (10.3%). It is unsurprising that banking and financial services have a higher
rate of internally instigated fraud given the volume and accessibility of funds in that sector
relative to other sectors.
(e) You should consider the data applicable to your own industry sector; however, data for a
selection of sectors is provided in Table SA 3.2.
(f) The report found that organisations rely heavily on an external audit of financial statements
to identify fraud, with 81.4 per cent of organisations saying that this is one of their fraud
MODULE 3
detection strategies. This is in contrast to the very low rate of fraud detection by the external
audit process. Other fraud detection strategies include having a code of conduct (77.4%) and
having an internal audit department. From Figure 26 in the ACFE report, it is clear that many
organisations have multiple strategies in place aimed at detecting workplace fraud.
(g) The survey does not provide the profile of a typical fraudster but we are able to build our own
profile based on the highest frequency of each of the available parameters, which shows:
–– male (66.8%);
–– aged 41 to 45 years (frequency rather than value) (18.1%);
–– employed in the accounting department (17.4%);
–– non-management employee (frequency) (42%);
–– 12 months to detect the fraud (for non-management employee);
–– acting alone (54.9%);
–– involved in corruption of billing (false invoicing) schemes (around 22% each);
–– in role for between one and five years (40.7%);
–– no prior criminal history (86.6%); and
–– exhibiting signs of living beyond their means (43.3%).
(h) Males are more commonly associated with workplace fraud incidents according to the
survey, with 66.8 per cent of offenders being male (this is consistent with the other Report
to the Nations surveys published in recent years). Representation of males in fraud cases
varies across different regions. Males also are responsible for a higher median value of loss,
which is in part due to a higher proportion of males who commit fraud being in management
or owner/executive positions. Males also exhibit different behavioural red flags than females,
with fewer males than females committing fraud because of financial difficulties.
Suggested answers | 265
Question 3.2
(a) The Australian Institute of Criminology table shows a steady decline in the rates of reported
fraud over the last 10 years, but for the first time since 2004–05, there was an increase in
reported rates in 2011–12. The survey notes that the increase in 2011–2012 may be due to
‘changes to counting rules rather than an increase in reported offences’ (AIC 2014, p. 35).
This decline over the last 10 years (other than 2011–12) is at odds with recent estimates and
surveys, which all talk about an increase in fraud not a decrease. It is arguable that the decline
in reporting rates is just that—a decline in the rate of fraud reported rather than a decline in
the number of cases.
(b) Depending on the jurisdiction, reporting fraud to the police or other law enforcement
agencies may not be mandatory. That leaves open the question of whether business is less
inclined to report such matters to law enforcement than it once was. Some of the reasons
why business crime victims may be inclined not to report business crimes to law enforcement
agencies are as follows:
–– a wish to avoid negative publicity;
–– a sense that the organisation has nothing to gain;
–– fears that the investigation will involve the organisation unduly in a protracted legal
proceeding; and
–– fears that criminal action against the perpetrator will adversely affect any civil
proceedings taken by the victim.
(c) The report notes that ‘Fraud is believed to be one of the most under-reported offences,
with fewer than 50 percent of incidents being reported to police or other authorities’
(AIC 2014, p. 34). This is similar to the data set out in the Report to the Nations on
MODULE 3
Occupational Fraud and Abuse (ACFE 2014).
Question 3.3
The forensic accountant investigating a business crime, such as bribery and corruption,
is focused on capturing and analysing evidence. This will involve:
• searching for and capturing relevant evidence;
• identifying witnesses to interview;
• interviewing witnesses;
• analysing bank records (both in terms of potential payer and potential receivers
of bribe payments);
• reviewing electronic communications;
• reviewing social media to look for relationships between the various parties;
• preparing relationship charts;
• analysing all evidence (including the oral evidence of witnesses); and
• reporting.
266 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Question 3.4
There are a number of controls and initiatives that organisations can take to counter the risks of
corruption:
• develop and implement a corruption control plan;
• develop and implement a communication program;
• enhance probity and contracting procedures;
• install a program of alternative avenues for reporting suspicions of corruption; and
• open channels of communication with customers, vendors and other third parties.
In relation to enhanced probity and contracting procedures, organisations should ensure that
they have a policy of rotation so that their personnel do not establish an improper association
with a supplier, customer or other business partner through an association that has continued for
too long.
Question 3.5
(a) The objective of money laundering is to enable people with a beneficial interest in the
proceeds of criminal activity to enjoy the fruits of their criminal conduct while at the same
time satisfactorily accounting for the source of those funds to government investigation and
regulatory bodies. Without money laundering, the proceeds of large criminal activity would
not be available to the criminals who generated it as they would not be able to demonstrate
the legitimacy of the income.
MODULE 3
Question 3.6
(a) There would be a chain of records and documents held by the company, and which are the
property of the company, that can be sourced for analysis. These would include:
–– accounting records disclosing the services rendered and the subsequent billing history
of the company to the client(s); and
–– accounting records of payments received from the client company, including bank
statements of the company.
These internal company records can be analysed to find out, by careful reconciliation,
the correct level of billing to the client and the correct level of payments received—allowing
for an accurate calculation of any difference.
Assuming the client company is willing to assist in the investigation, that entity should
be able to provide copies of their records showing receipt of bills and their payments.
Matching these records would disclose funds:
–– yet to be paid;
–– paid and received; and
–– paid and not received by your client.
Suggested answers | 267
It then may be necessary to seek a court order to obtain the banking records of the
employee. This may be possible in a situation where you are able to gather sufficient
evidence to present to a court.
Question 3.7
The Analyst’s Notebook software program would assist in preparing a forensic accountant’s
report in a business crime investigation by showing:
• relationships between individuals, corporations and other parties;
• timelines of events; and
• movement of funds between various relevant parties.
Question 3.8
Payroll fraud presents accounting anomalies such as:
MODULE 3
• casual staff who have not worked for some time suddenly being included on the payroll;
• salary and wages for more than one employee being paid into a common account;
• alterations to time sheets or other payroll records to show more hours worked;
• alterations to hourly rates; and
• unusual claims for higher-duties allowances.
Question 3.9
Horizontal analysis
• In Year 2 there has been an 80 per cent increase in sales—this would seem to be a dramatic
increase in sales volume in one year.
• At the same time, the cost of goods sold (COGS) has increased by 140 per cent—it would be
worthwhile making inquiries about why the increase in COGS is out of step with the increase
in sales (you would expect them to be similar).
However, it could also be due to other non-integrity related matters—for example, a price
reduction in order to compete in the market or obsolete inventory being written off.
268 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Vertical analysis
• Cost of goods as a ratio of sales volume is very high in this business for both Year 1
and Year 2 (50% and 67% respectively relative to an industry average of 42% of sales)—
this variation would need to be investigated and accounted for.
• Selling and administration expenses appear to be quite high relative to the industry average.
Vertical analysis shows unusual variations in COGS, which are worthy of further investigation.
The potential fraud types are the same as for the horizontal analysis. Higher than expected
selling and administration expenses as a proportion of sales could indicate manipulation,
such as false invoices for services associated with these functions. But again, there may be
other legitimate reasons for the apparent anomalies.
Question 3.10
Accounts payable/procurement fraud (otherwise referred to as false invoicing) is a commonly
encountered workplace fraud. It is important to consider the risks in all their variations to ensure
that an accurate assessment of the risks confronting the business can be achieved. So, for example,
when conducting a fraud risk assessment, the risk would not be limited to a generic ‘accounts
payable fraud’—it would need to include as many of the variations as listed below that apply to
the business under review.
MODULE 3
–– if there have been changes, considering whether any of the additional account numbers
are ‘known’ to Midland (either another vendor or an employee);
–– assessing the value of all variations to test the assertion by the whistleblower that
variation payments have been split; and
–– if the data is available, identifying the personnel who processed and authorised the
variation payments.
Phase 6: Reporting
–– Report of findings to be in accordance with the requirements of APES 215 and having
regard to the fact that the matter is likely to be heard in the Malaysian legal system.
–– The report must set out quantification of any loss and the evidence gathered and
examined that supports that calculation.
–– Consider reporting any findings to law enforcement agencies in Malaysia.
–– Consider Midland’s options for further action and include these in the report.
MODULE 3
Evidence Approach
All Midland KL campus records including capital This should all be freely accessible from KL.
project files, tender evaluation files, payment
records, invoices, correspondence
Email accounts of the Director and Business This should all be freely accessible from KL.
Manager and the laptop computers and smart
phones for each
Banking records of the Director You would attempt to obtain these voluntarily.
Failing this you would consider seeking an order
of the court for non-party discovery against the
Director’s banker.
Evidence in relation to the work done on the You would attempt to obtain these voluntarily.
Director’s own premises Failing this you would consider seeking an order
of the court for non-party discovery against
the Director.
Note: This would be done as part of ‘Phase 4: Gathering and securing evidence’ as mentioned in
Case Study 3.2.
Suggested answers | 271
On the basis of this evidence, it appears that there are possible kickbacks being paid to the
Director by the builder of the KL campus. It appears that there is a need for:
–– a complete investigation into the matter;
–– suspension of the Director pending the outcome of the investigation;
–– commencement of legal proceedings in order to obtain orders for discovery, etc. from
the Malaysian courts; and
–– reporting of the matter to the Malaysian police.
(b) As mentioned, there is a case for involving the police on the basis of the available evidence.
As any offences occurred in Malaysia, there will be difficulties associated with preparing the
case from New Zealand. This may be a factor in whether Midland is prepared proceed with a
police report.
MODULE 3
On the assumption that a decision is made to report the matter to the Malaysian police,
the following is a summary of how the reporting would be structured:
–– case summary;
–– list of witnesses;
–– witness statements (or affidavits) in legally admissible form as required in each
jurisdiction—including the statements of the informant (if relevant) and investigators
at the end of all witness statements;
–– transcripts of interviews or other documentation evidencing the interview with the
person charged;
–– list of exhibits;
–– copies of exhibits; and
–– diagrammatic representation of the evidence.
MODULE 3
References | 273
References
References
Accounting Professional & Ethical Standards Board 2013, APES 215 Forensic Accounting
Services, accessed August 2015, http://www.apesb.org.au/uploads/standards/apesb_
standards/13092014103232p1.pdf.
Albrecht, W. S., Albrecht, C. O., Albrecht, C. C. & Zimbelman, M. F. 2014, Fraud Examination,
5th edn, South-Western Cengage Learning, Mason, Ohio.
MODULE 3
Allsop, J. 2013, ‘Expert witnesses in proceedings in the Federal Court of Australia—Practice
Note CM 7’, Federal Court of Australia, accessed July 2015, http://www.fedcourt.gov.au/law-and-
practice/practice-documents/practice-notes/cm7.
Association of Certified Fraud Examiners (ACFE) 2014, Report to the Nations on Occupational
Fraud and Abuse—2014 Global Fraud Study, accessed August 2015, http://www.acfe.com/rttn/
docs/2014-report-to-nations.pdf.
Australian Bureau of Statistics 2012, Personal Fraud, 2010–2011, cat. no. 4528.0, accessed August
2015, http://www.abs.gov.au/ausstats/abs@.nsf/mf/4528.0.
Australian Crime Commission (ACC) 2013, ‘Financial crimes’, accessed August 2015, https://www.
crimecommission.gov.au/sites/default/files/FINANCIAL%20CRIMES%20JULY%202013.pdf.
Australian Institute of Criminology (AIC) 2014, Australian Crime: Facts & Figures: 2013, accessed
August 2015, http://aic.gov.au/publications/current%20series/facts/1-20/2012/2_profiles.html.
Australian Payments Clearing Association (APCA) 2014, Australian Payments Fraud Details and
Data, accessed August 2015, http://www.apca.com.au/docs/fraud-statistics/Australian-payments-
fraud-details-and-data-2014.pdf.
Australian Securities & Investments Commission (ASIC) 2014, ASIC Enforcement Outcomes:
July to December 2013, Report 383, pp. 32–3, accessed August 2015, http://download.asic.gov.
au/media/1344494/rep383-published-11-February-2014.pdf.
274 | BUSINESS CRIME: INVESTIGATION, DETECTION AND PREVENTION
Baker, R. & McKenzie, N. 2012 ‘Guilty plea in RBA scandal’, Sydney Morning Herald, accessed
July 2015, http://www.smh.com.au/federal-politics/political-news/guilty-plea-in-rba-scandal-
20120718-22ap8.html#ixzz3gHmSVj5X.
Cleveland, M., Favo, C. M., Frecka, F. J. & Owens, C. L. 2009, ‘Trends in the international fight
against bribery and corruption’ Journal of Business Ethics, vol. 90, issue 2, pp. 199–244.
Cressey, D. R. 1973, Other People’s Money, Patterson Smith, Montclair, New Jersey.
Crumbley, D. & Apostolou, N. 2007, ‘America’s first (and most fearless) high-profile forensic
accountant’, The Value Examiner, September/October.
Department of Justice (US) 2008, ‘Siemens AG and three subsidiaries plead guilty to Foreign
Corrupt Practices Act violations and agree to pay $450 million in combined criminal fines’,
accessed August 2015, http://www.justice.gov/opa/pr/2008/December/08-crm-1105.html.
Ernst & Young 2014, Overcoming Compliance Fatigue—13th Global Fraud Survey,
accessed August 2015, http://www.ey.com/Publication/vwLUAssets/Overcoming_compliance_
fatigue/$FILE/13th%20GLOBAL%20FRAUD%20SURVEY%20FINAL%20low%20res.pdf.
Madinger, J. 2012, Money Laundering: A Guide for Criminal Investigators, 3rd edn, CRC Press,
Boca Raton, Florida.
Sainsbury, M. 2010, ‘Rio Tinto’s Stern Hu jailed for 10 years’, The Australian, accessed August
2015, http://www.theaustralian.com.au/business/mining-energy/rio-tintos-stern-hu-jailed-10-
years/story-e6frg9df-1225847088979.
Shields, A. 2009, ‘History of forensic accounting’, Dolman Bateman, 5 March, accessed August
2015, http://www.dolmanbateman.com.au/125/history-of-forensic-accounting.
Schneider, J. 2011 ‘Australia’s enforcement of bribery laws slack, executives say’, Businessweek,
23 November, accessed May 2013, http://www.businessweek.com/news/2011-11-23/australia-s-
enforcement-of-bribery-laws-slack-executives-say.html.
Standards Australia, AS 8001–2008 Fraud and Corruption Control, Standards Australia, Sydney.
Sutherland, E. H. 1949, White Collar Crime, Dryden Press, New York.
Transparency International 2015, Business Principles for Countering Bribery 2013, accessed
November 2015, http://www.transparency.org/whatwedo/tools/business_principles_for_
countering_bribery/1.
References | 275
United Nations 2004, United Nations Convention Against Corruption, accessed November 2015,
http://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08-50026_E.pdf.
U.S. Department of Justice 2015, ‘Foreign Corrupt Practices Act, An Overview’, accessed
November 2015, http://www.justice.gov/criminal-fraud/foreign-corrupt-practices-act.
U.S. Department of Justice and SEC 2012, A Resource Guide to the U.S. Foreign Corrupt Practices
Act, accessed November 2015, http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf.
U.S. Securities and Exchange Commission 2008, ‘SEC charges Siemens AG for engaging in
worldwide bribery’, accessed August 2015, https://www.sec.gov/news/press/2008/2008-294.htm.
Wells, J. T. 2013, Corporate Fraud Handbook—Prevention and Detection, 4th edn, John Wiley &
Sons, Hoboken, New Jersey.
World Bank & United Nations 2011, ‘Fact sheet on stolen asset recovery’, accessed August 2015,
http://www.unodc.org/pdf/Star_FactSheet.pdf.
Optional reading
Financial Action Task Force (FATF) 2012, FATF Recommendations: International Standards on
Combating Money Laundering and the Financing of Terrorism and Proliferation, Organization
for Economic Co-operation and Development, Paris.
Hoffman, R., Finney, W., Cox, P. & Cooper, K. 2013, The Accountant as an Expert Witness:
A Basic Guide to Forensic Accounting, 2nd edn, CCH Australia Ltd, Sydney.
MODULE 3
Taylor, J. 2011, Forensic Accounting, Prentice Hall Financial Times, New York.
MODULE 3