[Diagram: Conflicts of Interest, Illegal Gratuities, Economic Extortion, Cash, Financial]
[Diagram: Fraud Triangle (Opportunity, Pressure, Rationalization)]
Pressure/Motivation
◦ Corporate Pressures
Bonus, compensation & recognition based on
financial results
Budget and goal achievement
Fear of failure or negative sanctions
associated with failure
Pressure/Motivation
◦ Individual Employee Pressures
Corporate Problems
Resentment, jealousy, retaliation or revenge
For the “good of the team”
Personal Problems
Living beyond one’s means
High personal debt
Pay not commensurate with job
Gambling problems
Alcohol, drugs or illicit relationships
Death, divorce, illness
Family and/or peer pressure
Opportunity
◦ Generally due to internal control weaknesses
Lack of segregation of duties
Lack of effective review and approvals
Ineffective Control Environment
No fraud prevention culture
Lack of emphasis on integrity
Lack of effective executive example
At management levels, it is often due to override of controls
Rationalization
◦ perpetrator that committing fraud is reasonable under the circumstances
“I’m just borrowing the money and I intend to pay it back.”
“The company is cheating me by not paying me what I’m worth.”
“Everyone is a little dishonest.”
“The company is cheating our customers, so they deserve to get fleeced.”
“I’m a shareholder/partner, so the money is really mine anyway.”
This is the match that lights the fuse to fraud!
EMPLOYEE FRAUD AND CORPORATE
CULTURE
◦ The following factors in corporate culture can contribute to
pressure:
Poor employee compensation
Excessive pressure to perform
Hostile work environment
Corporate financial troubles
Negative examples set by top management
RED FLAGS
A red flag is a set of circumstances that are
unusual in nature or vary from the normal activity.
It is a signal that something is out of the ordinary
and may need to be investigated further.
Remember that red flags do not indicate guilt or
innocence but merely provide possible warning
signs of fraud.
Financial Statement Fraud Categories and Red
Flags
◦ Overstated revenues.
◦ Management estimates.
◦ Pro formas can mislead.
◦ Earnings problems: masking reduced cash flow.
◦ Earnings before interest, tax, depreciation, and amortization
(EBITDA).
◦ Excessive debt.
◦ Inventory problems.
Forensic and Investigative Accounting, Chapter 4
Roles of an Internal Auditor in Investigating Fraud
• Needs to be defined in the internal audit charter and in the fraud policies and procedures.
• Act as a resource for the investigation
• Refrain from any involvement in the investigation, either because internal audit is responsible for assessing the effectiveness of the investigation or because it lacks the appropriate resources to be involved in the investigation.
• Advising management
• Monitoring the investigation process to help the organization follow relevant policies,
procedures and applicable laws and statutes.
• Support the organization in the legal proceedings, insurance claims or any other recovery
actions.
• Evaluate and monitor the organisation’s internal and external post-investigation reporting and
communication plans and practices.
• Internal auditors can also monitor the implementation of the recommended control
enhancements.
SARBANES-OXLEY ACT
◦ Was approved by the Congress in 2002
◦ Also known as
Public Company Reform and Investor Protection
Act
Corporate and Criminal Fraud Accountability Act
White Collar Crime Penalty Enhancement Act
SOX REGULATORY FRAMEWORK
PURPOSE OF SARBANES-OXLEY ACT
◦ To improve the quality and transparency of financial reporting,
independent audits and accounting services for public
companies
◦ Enhance the standard-setting process for accounting practice
◦ Strengthen the independence of firms that audit public companies
◦ Increase corporate responsibility and the usefulness of corporate
financial disclosure
◦ Protect the objectivity and independence of securities analysts
◦ To improve Securities and Exchange Commission resource and
SARBANES OXLEY ACT
◦ Contains 11 titles and each title comprises multiple sections
1. Public Company Accounting Oversight Board
2. Auditor Independence
3. Corporate Responsibility
4. Enhanced Financial Disclosure
5. Analyst Conflicts of Interest
6 & 7. Commission Resources and Authority, and Studies and Report
8. Corporate and Criminal Fraud Accountability
9. White Collar Crime Penalty Enhancement
10. Corporate Tax Returns
11. Corporate Fraud and Accountability
TITLE 3 – CORPORATE RESPONSIBILITY
◦ Contains 8 numbered sections
◦ S301 – Public Company Audit Committees
◦ S302 – Corporate Responsibility For
Financial Reports
◦ S303 – Unlawful for executives/directors to influence audit firms in the course of an audit
◦ S304 – Requires the CEO to disgorge any profit from the sale of the company’s
securities
◦ S305 – Grants the SEC the authority to permanently bar executives who violate securities laws
◦ S306 – Prevents insider trading during certain blackout periods related to pension plans
◦ S307 – Requires attorneys to report evidence of a material violation of securities law
◦ S308 – Fair funds to investors
TITLE 4 – ENHANCED FINANCIAL
DISCLOSURES
◦ Contains 9 numbered sections – S401-S409
◦ Purpose of this section is to forbid certain personal
loans and to mandate certain financial disclosures
TITLE 8 – CORPORATE AND CRIMINAL FRAUD ACCOUNTABILITY
◦ This section protects the whistle-blowers
and prescribes serious prison terms for
those who obstruct justice or defraud
shareholders
◦ Contains S802 – S807
TITLE 9 – WHITE COLLAR CRIME
PENALTY ENHANCEMENT
◦ This provision distinguishes between acts that are
done knowingly versus those that are done both
knowingly and willfully
◦ Increases the maximum prison sentence for mail fraud, wire
fraud and violation of Employee Retirement Income
Scheme
TITLE 11 – CORPORATE FRAUD
◦ Establishes a potential prison term for anyone who alters, destroys, mutilates or
conceals records, documents or other objects
◦ Empowers the SEC to petition federal courts for temporary injunctions to
freeze pending extraordinary payments
◦ Increases the penalty for violations of S.32(a) of the Securities and
Exchange Act
◦ Empowers the SEC to bar from serving as corporate officers any individual
who commits fraudulent transactions
SOX COMPLIANCE
◦ SOX Rules, Regulations, and Standards (SOX involves an ongoing rulemaking and regulatory
process)
◦ The Federal Criminal Sentencing Guidelines (point system with mitigation for ethics and control
processes)
◦ The COSO Reports
◦ Focus on basic control processes and risk management
◦ The COBIT Standard
◦ Contains high-level and detailed control objectives, audit guidelines, and management guidelines
◦ ISO 27002
◦ Contains 11 major topics, with over 5,000 controls in total
◦ Comparison of the Various Models for Control Practices
SOX AND SMALL PUBLIC COMPANIES
◦ SOX 404 Compliance with Small Public Companies
◦ Leadership involvement and effective boards of directors
◦ Compensating for limited segregation of duties by management reviews
◦ Compensating for limited IT by using ASPs
◦ How Small Public Companies Can Achieve Efficiency in Internal Control Processes
◦ Apply a risk-based approach
◦ Focus on changes
◦ Manage reporting objectives
◦ Right-sizing documentation