Accounting Information Systems: 9 Edition

Accounting
Information
Systems
9th Edition
Marshall B. Romney
Paul John Steinbart
©2003 Prentice Hall Business Publishing, 9-1

Accounting Information Systems, 9/e, Romney/Steinbart
Computer Fraud
Chapter 9

Learning Objectives
1. Describe fraud and describe the process one
follows to perpetuate a fraud.
2. Discuss why fraud occurs, including the
pressures, opportunities, and rationalizations
that are present in most frauds.
3. Compare and contrast the approaches and
techniques that are used to commit computer
fraud.
4. Describe how to deter and detect computer
fraud.
Introduction
 Jason Scott finished his tax return.

 Everything was in order except his
withholding amount.
 For some reason, the federal income
tax withholdings on his final paycheck
was $5 higher than on his W-2 form.
 What did he discover?

Introduction
 Most of the 1,500 company employees had

a $5 discrepancy between their reported
withholdings and the actual amount
withheld.
 The W-2 of Don Hawkins, one of the
programmers in charge of the payroll
system, showed that thousands of dollars
more in withholding had been reported to
the IRS than had been withheld from his
paycheck.

Introduction
 What constitutes a fraud, and is the

withholding problem a fraud?
 If this is indeed a fraud, how was it
perpetrated?

Introduction
 Why did the company not catch these

mistakes earlier?
 Was there a breakdown in controls?
 What can the company do to detect

and prevent fraud?
 Just how vulnerable are computer
systems to fraud?

Introduction
 This chapter describes the fraud
process.
 It also explores the reasons that fraud
occurs.
 The chapter also describes the
approaches to computer fraud and the
specific techniques used to commit it.
 Finally, several methods to deter and
detect fraud are analyzed.

Learning Objective 1
Understand what fraud

is and the process one
follows to perpetuate a
fraud.

The Fraud Process
Most frauds involve three steps.
The theft of
something
The conversion
to cash
The
concealment
The Fraud Process
 What is a common way to hide a

theft?
– to charge the stolen item to an
expense account
 What is a payroll example?
– to add a fictitious name to the
company’s payroll

The Fraud Process
 What is lapping?
 In a lapping scheme, the perpetrator
steals cash received from customer A
to pay its accounts receivable.
 Funds received at a later date from
customer B are used to pay off
customer A’s balance, etc.

The Fraud Process
What is kiting?
 In a kiting scheme, the perpetrator
covers up a theft by creating cash
through the transfer of money
between banks.
 The perpetrator deposits a check from
bank A to bank B and then withdraws
the money.

The Fraud Process
 Since there are insufficient funds in bank A

to cover the check, the perpetrator deposits
a check from bank C to bank A before his
check to bank B clears.
 Since bank C also has insufficient funds,
money must be deposited to bank C before
the check to bank A clears.
 The scheme continues to keep checks from
bouncing.

Discuss why fraud

occurs, including the
pressures, opportunities,
and rationalizations that
are present in most
frauds.
Why Fraud Occurs
Researchers have compared the psychological and
demographic characteristics of three groups of people:
White-collar
criminals
Few differences
Significant General
differences public
Violent
criminals

Why Fraud Occurs
What are some common characteristics

of fraud perpetrators?
 Most spend their illegal income rather than

invest or save it.
 Once they begin the fraud, it is very hard for
them to stop.
 They usually begin to rely on the extra income.

Why Fraud Occurs
 Perpetrators of computer fraud tend to be

younger and possess more computer
knowledge, experience, and skills.
 Some computer fraud perpetrators are more
motivated by curiosity and the challenge of
“beating the system.”
 Others commit fraud to gain stature among
others in the computer community.

Why Fraud Occurs
 Three conditions are necessary for

fraud to occur:
1 A pressure or motive
2 An opportunity
3 A rationalization

Pressures
 What are some financial pressures?

– living beyond means
– high personal debt
– “inadequate” income
– poor credit ratings
– heavy financial losses
– large gambling debts

Pressures
 What are some work-related

pressures?
– low salary
– no recognition of performance
– job dissatisfaction
– fear of losing job
– overaggressive bonus plans

Pressures
 What are other pressures?

– challenge
– family/peer pressure
– emotional instability
– need for power or control
– excessive pride or ambition

Opportunities
 An opportunity is the condition or

situation that allows a person to
commit and conceal a dishonest act.
 Opportunities often stem from a lack
of internal controls.
 However, the most prevalent
opportunity for fraud results from a
company’s failure to enforce its
system of internal controls.
Rationalizations
Most perpetrators have an excuse or a
rationalization that allows them to justify their
illegal behavior.
 What are some rationalizations?
 The perpetrator is just “borrowing” the stolen
assets.
 The perpetrator is not hurting a real person, just a
computer system.
 No one will ever know.

Compare and contrast

the approaches and
techniques that are
used to commit
computer fraud.

Computer Fraud
 The U.S. Department of Justice defines

computer fraud as any illegal act for which
knowledge of computer technology is
essential for its perpetration, investigation,
or prosecution.
 What are examples of computer fraud?
– unauthorized use, access, modification,
copying, and destruction of software or data

Computer Fraud
– theft of money by altering computer

records or the theft of computer time
– theft or destruction of computer
hardware
– use or the conspiracy to use computer
resources to commit a felony
– intent to illegally obtain information or
tangible property through the use of
computers

The Rise in Computer Fraud
 Organizations that track computer

fraud estimate that 80% of U.S.
businesses have been victimized by
at least one incident of computer
fraud.

The Rise in Computer Fraud
No one knows for sure exactly how much

companies lose to computer fraud. Why?
 There is disagreement on what computer fraud is.
 Many computer frauds go undetected, or
unreported.
 Most networks have a low level of security.
 Many Internet pages give instructions on how to
perpetrate computer crimes.
 Law enforcement is unable to keep up with fraud.

Computer Fraud
Classifications
Data fraud
Input Output
fraud Processor fraud fraud
Computer
instruction fraud
Computer Fraud and
Abuse Techniques
What are some of the more common
techniques to commit computer fraud?
– Cracking
– Data diddling
– Data leakage
– Denial of service attack
– Eavesdropping
– E-mail forgery and threats
Computer Fraud and
Abuse Techniques
– Hacking
– Internet misinformation and terrorism
– Logic time bomb
– Masquerading or impersonation
– Password cracking
– Piggybacking
– Round-down
– Salami technique
Computer Fraud and
Abuse Techniques
– Software piracy
– Scavenging
– Social engineering
– Superzapping
– Trap door
– Trojan horse
– Virus
– Worm
Describe how to deter

and detect computer
fraud.

Preventing and Detecting
Computer Fraud
What are some measures that can
decrease the potential of fraud?
1 Make fraud less likely to occur.
2 Increase the difficulty of committing
fraud.
3 Improve detection methods.
4 Reduce fraud losses.
5 Prosecute and incarcerate fraud
perpetrators.
Computer Fraud
1 Make fraud less likely to occur.
 Use proper hiring and firing practices.
 Manage disgruntled employees.
 Train employees in security and fraud
prevention.
 Manage and track software licenses.
 Require signed confidentiality
agreements.
Computer Fraud
2 Increase the difficulty of committing
fraud.
 Develop a strong system of internal
controls.
 Segregate duties.
 Require vacations and rotate duties.
 Restrict access to computer
equipment and data files.
 Encrypt data and programs.

Computer Fraud
3 Improve detection methods.
 Protect telephone lines and the
system from viruses.
 Control sensitive data.
 Control laptop computers.
 Monitor hacker information.

Computer Fraud
4 Reduce fraud losses.
 Maintain adequate insurance.
 Store backup copies of programs and
data files in a secure, off-site location.
 Develop a contingency plan for fraud
occurrences.
 Use software to monitor system
activity and recover from fraud.

Computer Fraud
5 Prosecute and incarcerate fraud
perpetrators.
 Most fraud cases go unreported and
unprosecuted. Why?
• Many cases of computer fraud are as yet
undetected.
• Companies are reluctant to report
computer crimes.

Computer Fraud
 Law enforcement officials and the courts are
so busy with violent crimes that they have
little time for fraud cases.
 It is difficult, costly, and time consuming to
investigate.
 Many law enforcement officials, lawyers,
and judges lack the computer skills needed
to investigate, prosecute, and evaluate
computer crimes.

Case Conclusion
 What did Jason present to the

president?
 A copy of his own withholding report
filed with the IRS and a printout of
withholdings from the payroll records.

Case Conclusion
 How did Jason believe the fraud was
perpetrated?
 The payroll system had undergone some minor
modifications.
 The payroll project had been completed without the
usual review by other systems personnel.
 An unusual code subtracted $5 from most
employees’ withholdings and added it to Don’s.

Case Conclusion
 What guidelines should Jason suggest to
prevent this from happening again?
 Strictly enforce existing controls.
 New controls should be put into place to
detect fraud.
 Employees should be trained in fraud
awareness, security measures, and ethical
issues.
 Jason also urged the president to
prosecute the case.

End of Chapter 9


Accounting Information Systems: 9 Edition

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Accounting Information Systems: 9 Edition

Uploaded by

Copyright:

Available Formats

Accounting

©2003 Prentice Hall Business Publishing, 9-1

©2003 Prentice Hall Business Publishing, 9-2

 Jason Scott finished his tax return.

©2003 Prentice Hall Business Publishing, 9-4

 Most of the 1,500 company employees had

©2003 Prentice Hall Business Publishing, 9-5

 What constitutes a fraud, and is the

©2003 Prentice Hall Business Publishing, 9-6

 Why did the company not catch these

 What can the company do to detect

©2003 Prentice Hall Business Publishing, 9-7

©2003 Prentice Hall Business Publishing, 9-8

Understand what fraud

©2003 Prentice Hall Business Publishing, 9-9

 What is a common way to hide a

©2003 Prentice Hall Business Publishing, 9-11

©2003 Prentice Hall Business Publishing, 9-12

©2003 Prentice Hall Business Publishing, 9-13

 Since there are insufficient funds in bank A

©2003 Prentice Hall Business Publishing, 9-14

Discuss why fraud

©2003 Prentice Hall Business Publishing, 9-16

What are some common characteristics

 Most spend their illegal income rather than

©2003 Prentice Hall Business Publishing, 9-17

 Perpetrators of computer fraud tend to be

©2003 Prentice Hall Business Publishing, 9-18

 Three conditions are necessary for

©2003 Prentice Hall Business Publishing, 9-19

 What are some financial pressures?

©2003 Prentice Hall Business Publishing, 9-20

 What are some work-related

©2003 Prentice Hall Business Publishing, 9-21

 What are other pressures?

©2003 Prentice Hall Business Publishing, 9-22

 An opportunity is the condition or

©2003 Prentice Hall Business Publishing, 9-24

Compare and contrast

©2003 Prentice Hall Business Publishing, 9-25

 The U.S. Department of Justice defines

©2003 Prentice Hall Business Publishing, 9-26

– theft of money by altering computer

©2003 Prentice Hall Business Publishing, 9-27

 Organizations that track computer

©2003 Prentice Hall Business Publishing, 9-28

No one knows for sure exactly how much

©2003 Prentice Hall Business Publishing, 9-29

Describe how to deter

©2003 Prentice Hall Business Publishing, 9-34

©2003 Prentice Hall Business Publishing, 9-37

©2003 Prentice Hall Business Publishing, 9-38

©2003 Prentice Hall Business Publishing, 9-39

©2003 Prentice Hall Business Publishing, 9-40

©2003 Prentice Hall Business Publishing, 9-41

 What did Jason present to the

©2003 Prentice Hall Business Publishing, 9-42

©2003 Prentice Hall Business Publishing, 9-43

©2003 Prentice Hall Business Publishing, 9-44

©2003 Prentice Hall Business Publishing, 9-45

You might also like