CHAPTER 8

INVESTIGATION OF
FRAUD
 Learning Objectives

After going through this chapter, you should be able

to:
 Describe fraud and its connection with the motivation to
commit fraud.
 Understand how fraud can be detected through
identification of red flags.
 Illustrate the role of internal auditors in combating fraud.

2
 Introduction
Fraud has negatively impacted organisations in
different ways, including financial, reputational,
psychological and social. Organisations have been
forced to cease operations due to the impact of
financial and reputation damages. Victims of fraud also
suffer mental and emotional harm and stress related
physical effects in addition to financial losses.

3
Definition of Fraud
Fraud encompasses a wide range of irregularities and illegal acts
characterized by intentional deception or misrepresentation. In
general, fraud is defined as an act or course of deception, an
intentional concealment, omission or perversion of truth, to
• gain unlawful or unfair advantage,
• induce another to part with some valuable item or surrender a 
legal right, and/or
• inflict injury in some manner.
• Wilful fraud is a criminal offense which calls for severe
penalties, and its prosecution and punishment (like that of a
murder) is not bound by the statute of limitations.

4
Other Definitions of Fraud
1) ‘as an advantage gained by unfair or wrongful means, an
infraction of the rules of fair trade; a false representation of
fact made knowingly, without belief in its truth, recklessly,
not caring whether it is true or false’
2) ‘as a deception deliberately practiced in order to secure
unfair or unlawful gain’.
3) Intentional misinterpretations of financial information by
one or more individuals among management, employees
or third parties.

5
 Employees and Management Fraud
Crime of the 21st century
Fraud in universe is made up of three main
categories:
1) fraud that has been discovered, made public and
prosecuted (20%)
2) fraud that has been discovered, but not prosecuted
(40%)
3) fraud that has not been discovered (40%)

 Large portion of what have been discovered is by accidental

6
 Elements of Fraud
At least two or more parties to the fraud
A material omission or false representation
Must be intent by the perpetrator
The victim must have legal right to reply
Must be either actual injury or a risk of injury
to the victim
An attempt to camouflage
Involves betrayal of trust

7
 Issues Relating to Fraud
What does fraud look like?
Who are the fraudsters?
How are frauds committed?
Why are frauds committed?

8
 Types of Fraud
False accounting
Assets misappropriation
Computer fraud
Insurance fraud
Intellectual property fraud
Theft or infringement by third parties
Corruption
No matter how you classify
Money laundering fraud, the utmost
importance is to
understand the features
Investment scheme fraud that characterize them.
Please refer the text book
for further explanation of
the types of fraud.

9
 Types of Fraud
Asset Misappropriation
• Involves stealing of cash or assets (supplies, inventories, equipment and
information) from the organisation. In many cases, the perpetrator tries to
conceal the theft, usually by adjusting the records.
 Financial Statement Fraud
• Involves misrepresenting financial statements, often by overstating assets or
revenue or understating liabilities and expenses. Financial statement fraud is
typically perpetrated by managers who seek to enhance the economic
appearance of the organisation. Members of the organisation may benefit
directly from the fraud by selling stock, receiving performance bonuses, or
using the false report to conceal another fraud.
 Corruption
• Misused of entrusted power for private gain. Corruption includes bribery and
other improper uses of power. Corruption is off–book fraud meaning that there
is little financial evidence available to prove that the crime occurred. Corrupt
employees do not have to fraudulently change financial statements to cover up
10 their crimes. They simply received cash payments under the table. In most
cases, these crimes are uncovered through tips or complaints from third parties.
 Types of Fraud
Bribery
• Is offering, giving, receiving or soliciting of anything of value to influence an
outcome. Bribes may be offered to key employees or managers who are
purchasing agents and who have the ability to award businesses to vendors.
 Falsification of Expense Claims
• An old favourite with both senior and junior staff. Common ‘ruses’ include
inflating mileage claims, entertaining friends and relatives at the company’s
expense and claiming for expenses that were never incurred.
 Stealing Money from the Company Bank Account 
• The perpetrator having gotten away with stealing once will keep on doing it
again.
 Manipulating Sales Figures  to Reach Target and Achieve Bonuses
• A simple version of this involves booking sales in one month then crediting
them back the next, unless the perpetrator keeps this up, the overstatement in
one month will naturally show as a shortfall in the next.

11
 Types of Fraud
Falsifying Supplier Invoices
• A senior manager who had renovation work carried out on his house
and then arranged for the invoices to be sent to the company, booked as
costs for work carried out on the company’s premises.
Stock Theft
• A time-honoured way to make a ‘fast buck’. The perpetrator will over a
period of time abscond with a number of items from the warehouse and
resell them. So long as the stock losses are within tolerance, then it is
possible for this to remain undetected for a significant period of time.
Transactions That Are Not ‘Arms Length’ 
• When a company asks for tenders for a contract, they usually obtain at
least three quotes from third parties. The best value quote should then
be selected. When the system does not run effectively, there is an
opportunity for friends and relatives of the purchasing department to
send in quotes that are accepted, bypassing the quotes from reputable
12
suppliers.
 Types of Fraud
Tax Evasion
• Fraud at corporate level. Excessively complex organisational structures are
created and designed to obfuscate the revenue streams to hide the reality from
tax authorities.
 Fictitious Invoicing
• Where there are poor accounting controls, fraudsters can arrange for fake
invoices from connected parties to be passed for payment.
 Acquisition of Company Property at Less Than Market Value
• This requires the collusion of at least two people (usually quite senior in
position). Company property is ‘sold’ to one of the individuals at a bargain
price approved by the other. The property is then resold at market value and the
profit is split between the two individuals.
 Theft of Raw Materials
• Manufacturers should measure the quantities and costs of the raw materials
used in the manufacturing process. Some processes use expensive materials
such as gold. When the measurement system is compromised or management
13 does not investigate adverse yield variances, fraudsters have the opportunity to
steal the raw material.
 Why People Commit Fraud?

14
 Fraud Indicators (Red Flags)
 Fraud committed under situational
pressure
 Fraud committed with available
opportunities
 Fraud committed by management on
behalf of the organization

15
 Pressure
Pressure is what causes a person to commit fraud.
Pressure can include almost anything such as medical
bills, expensive tastes, addictions and so on. Most of the
time, pressure comes from a significant financial
need/problem. Often this need/problem is non-sharable
in the eyes of the fraudster. That is, the person believes,
for whatever reason, that their problem must be solved in
secret. However, some frauds are committed simply out
of greed alone.

16
 Common Sources of Pressure
• Medical problems — especially for a loved one
• Unreasonable performance goals
• Spouse loses a job
• Divorce
• Starting a new business or current business is struggling
• Criminal conviction
• Civil lawsuit
• Purchase of a new home, a second home, or a home
renovation
• Need to maintain a certain lifestyle (‘champagne tastes’ or
‘keep up with the Jones’) —person (or spouse) either likes
expensive things or feels pressure to ‘keep up with’ or out-
do others in regards to material possessions
17
• Excessive gambling
 Opportunity
Opportunity provides a situation to commit fraud. Because
fraudsters do not wish to be caught, they must also believe
that their actions will not be detected. Opportunity is created
by weak internal controls, poor management oversight and/or
through the use of one’s position and authority. Failure to
establish adequate procedures to detect fraudulent activity
also increases the opportunities for fraud to occur. Of the
three elements, opportunity is the leg that organisations have
the most control over. It is essential that organisations build
processes, procedures and controls that do not needlessly put
employees in a position to commit fraud and effectively
detect fraudulent activity when it occurs.

18
 Rationalization
• Rationalization is a crucial component in most frauds. Rationalization
involves a person reconciling his/her behaviour (stealing) with the
commonly accepted notions of decency and trust. Some common
rationalizations for committing fraud are:
• The person believes committing fraud is justified to save a family
member or loved one;
• The person believes he/she will lose everything — family, home, car,
and so on. if he/she does not take the money;
• The person believes that no help is available from outside;
• The person labels the theft as ’borrowing’; and fully intends to pay back
the stolen money at some point;
• The person, because of job dissatisfaction (salaries, job environment,
treatment by managers, etc.), believes that something is owed to
him/her; The person is unable to understand or does not care about the
19
consequence of his/her actions or of accepted notions of decency and
trust.
Red Flags
Common Personality Traits of Fraudsters
• Wheeler and dealer
• Domineering/controlling
• Do not like people reviewing their work
• Strong desire for personal gain
• Have a ‘Beat the System Attitude’
• Live beyond their means
• Close relationship with customers or vendors
• Unable to relax
• Often have a ‘too good to be true’ work performance
• Do not take vacation or sick time or only take leave in small amounts
• Often work excessive overtime
• Outwardly appear to be very trustworthy
• Often display some sort of drastic change in personality or behaviour

20
 Changes in Behaviour
• Suddenly appears to be buying more material items — houses, cars, boats, clothes,
jewellery, electronics, and so on.
• Brags about new purchases
• Starts to carry unusual amounts of cash
• Creditors/bill collectors show up at work or call frequently
• Borrows money from co-workers
• Becomes more irritable or moody
• Becomes unreasonably upset when questioned
• Becomes territorial over their area of responsibility
• Would not take vacation or sick time or only takes it in small increments
• Works unnecessary overtime
• Turns down promotions
• Starts coming in early or staying late
• Redoes or rewrites work to ‘make it neat’
• May start or mentions family or financial problems
• Exhibits signs of drug or gambling addiction (absenteeism, becomes manipulative, looks
ill, inconsistent or illogical behaviour, loss of sleep or appetite, etc.)
• Exhibits signs of dissatisfaction (decrease in productivity, change attire, irregular
21
schedules, frequent complaining about inequities or work issues)
 Fraud Prevention
The Committee of Sponsoring Organizations of the Treadway Commission (COSO)
presented a framework for assessing and improving the internal control systems to fight
fraud.
 
Control environment
• Elements of a strong control environment to help prevent fraud include the following:
• A code of conduct, ethics policy or fraud policy to set the appropriate tone at the top.
• Ethics and whistle-blower programmes to report fraud.
• Hiring and promotion guidelines and practices.
• Oversight by the audit committee, board or other oversight body.

Risk assessment
• Establishing a fraud risk assessment process that considers fraud risk factors and
fraud schemes by involving appropriate personnel in the process. Also, fraud risk
assessments should be conducted on a regular basis.

22
 Fraud Prevention
Control activities
• Are policies and procedures for business processes, including appropriate authority limits
and segregation of duties.
 
Information and communication
• Promoting the importance of the fraud risk management programme and the
organisation’s position on fraud risk both internally and externally through corporate
communications programs by:
• Designing and delivering fraud awareness training.
• Ascertaining affirmation or creating a certification process to ensure that employees have
read and understood corporate policies and that the employees are in compliance with the
policies.
 
Monitoring
• Providing periodic evaluation of anti-fraud controls by:
•
23
Using independent evaluators for the fraud risk management programme by internal
auditors or other groups.
 Fraud Deterrence
• Training is usually a key factor in deterring fraud.
Training can cover the organisation’s expectations of
its employees’ conduct, the procedures and standards
necessary to implement internal controls and employee
roles and responsibilities to report misconducts.
• Deterrence measures:
 Fraud policies
 Analytical review
 Employee education
 Surprise audit

24
 Fraud Detection
Fraud detection methods need to be flexible, adaptable
and continuously changing to meet the changes in the
risk environment. While preventive measures are
apparent and readily identifiable, detective controls may
not be as apparent.

25
 Responsibilities of Fraud Prevention
and Detection
The role of the board is:
• To oversee and monitor management’s actions to
manage fraud.
• To evaluates management’s identification of fraud
risks.
• To implement anti-fraud measures.
• To set the tone at the top.

26
 Role of the Audit Committee
• To evaluate management’s identification of fraud risks.
• To implement anti-fraud measures.
• To provide the tone at the top that fraud will not be accepted in
any form.
• To hire external auditors to report on the financial statements of
the organisation.
• To provides recommendations on internal control.
• To be responsible for overseeing management’s compliance
with appropriate financial reporting.
• To be responsible for preventing senior management from
overriding the controls or other inappropriate influence over the
reporting process.

27
 Role of Management
• Responsible for overseeing the activities of employees
and typically does so by implementing and monitoring
processes and internal controls.
• Assess the vulnerability of the entity to any fraudulent
activities.
• Responsible for establishing and maintaining an effective
internal control system at a reasonable cost.
• Maintain discussions with investigators and legal counsel
to develop controls over the investigation process,
including developing policies and procedures for effective
fraud investigations and for handling the results of
investigations, reporting and communications.
28
Internal Auditors and Fraud
 Should internal auditors be responsible for the detection of fraud?
 1210 – Proficiency
- IA should possess the knowledge skills, and competencies needed to
perform their individual responsibilities.
 1210.A2
- IA should have sufficient knowledge to identify indicators that fraud may
have been committed.
 1220 – Due professional care
- IA should apply the care and skill expected of a reasonably prudent and
competency.
 1220.A1
- IA should exercise due professional care
 1220.A2 – Primary responsibilities
IA primary responsibilities regarding fraud are:
i) to carry audit assignment using due professional care and be alert of
possibility of fraud
ii) to review procedures to safeguard assets so as to ensure that cost
29 effective measures are in place to prevent, detect or to deter fraud etc
 Role of Internal Auditor
• To launch initial or full investigation of suspected fraud, to
perform root cause analysis and control improvement
recommendations, to monitor a reporting/whistle-blowing
hotline and provide ethics training
• To obtain sufficient skills and competencies including
knowledge of fraud schemes, investigation techniques and
laws
• To conduct proactive auditing to search for misappropriation
of assets and information misrepresentation using CAAT
techniques and data mining
• To employ analytical and other procedures of high-risk
accounts and transactions to identify potential fraud

30
 Role of External Auditor
External auditors have the responsibility to comply
with professional standards and to plan and perform
audit for an organisation’s financial statements to
obtain reasonable assurance whether these statements
are free from material misstatements and if
misstatements were found, whether they were caused
by error or fraud.

31
 Role of Fraud Investigators
• Fraud investigators are usually responsible for the
detection and investigation of fraud as well as the
recovery of assets. They also have a role in fraud
prevention.
• Senior management and the audit committee need to
support investigators and to let all stakeholders know
that the business entity is ready to respond quickly and
appropriately to fraud risks.

32
 Role of Other Employees
• Employees are the eyes and ears of an organisation,
and they should be empowered to maintain a
workplace of integrity.
• Employees can report their suspicion of fraud to the
employee hotline, the internal audit department or a
member of management.
• To deter and detect fraud and abuse, many experts
believe an employee hotline that is appropriately
monitored is the single most cost-effective fraud
detection and deterrence mechanism.

33
Fraud Investigation Process
 Determining whether fraud was committed
 Identify the likely perpetrator(s)
 Determining the method of operation (modus operandi)
 Determining the internal control implications
 Determining the extent of probable loss
 Documenting the case for presentation to
 Management
 Appropriate authorities
 Insurance company

34
 Ways to Collect the Information on Fraud
Code of conduct confirmation
• When employees sign an annual code of conduct outlining their responsibilities in the
prevention and detection of fraud, they can be asked to report any known violations.
 
Whistle-blower hotline
• This can take the form of a telephone call or a web-based reporting system where the
whistle blower can remain anonymous.

Exit interviews
• Conduct exit interviews for terminated employees or those who have resigned can help
identify fraudulent schemes. These interviews may also determine whether there are
issues regarding management’s integrity, and may provide information regarding
conditions conducive to fraud.

Proactive employee survey

• Routine employee surveys can be conducted to solicit employees’ knowledge of fraud
35 and unethical behaviour within the organisation. A proactive survey could elicit
anonymous information from employees, which would aid the organisation in catching
 Types of Evidence
 Testimonial evidence
 Documentary evidence
 Physical evidence
 Personal observation

36
Why IA Do Not Detect Fraud:
 Believe that fraud detection is not auditors’ job
 Too trusting of those they audit
 Believe that bosses already know and condone
illegal activity
 Auditors do not know symptoms of fraud
occurrence
 Use limited test on huge population
 Poor sampling techniques
 Concerned about career implications of fraud
detection – question of independence!!
37
 Problems Associated with Badly
Conducted Investigation:
 False imprisonment
 Defamation for libel and slander
 Confidentiality of information
 Malicious prosecution
 Extortion and blackmail

38
 Reporting of Fraud
 AC should be notified for any suspected fraud,
especially high impact fraud
 IAD should decide whether to report to the police –
should weigh between relative advantages and
disadvantages
 Should not be made public without the situation
being managed in the way that maintain the
stakeholders’ confidence – again, weigh the
advantages and disadvantages

39
 Forensic Audit
Forensic audit involves examination of legalities by
blending the techniques of propriety (VFM audit),
regularity, investigative and financial audits. The
objective is to find out whether or not true business
value has been reflected in financial statements and in
the course of examination to ascertain if any fraud has
taken place

40
 Differences between Statutory Audit and
Forensic Audit
NO PARTICULARS STATUTORY AUDIT FORENSIC AUDIT
1. Objective Express opinion as to ‘true & Determine correctness of the
fair’ presentation. accounts or whether any fraud has
  actually taken place.
2. Techniques ‘Substantive’ and ‘compliance’ Analysis of past trend and
  procedures. substantive or ‘in depth’ checking
    of selected transactions.
3. Period Normally all transactions for a No such limitations. Accounts
particular accounting period. may be examined in detail from
  the beginning.
4. Verification of stock, estimation Relies on the management Independent verification of
of realisable value of current certificate/representation of suspected/selected items carried
assets, management. out.
provisions/ Liability estimation,  
and so on.
5. Off balance-sheet items (like Used to vouch the arithmetic Regularity and propriety of these
contracts etc.) accuracy & compliance with transactions/contracts are
  procedures. examined.
6. Adverse findings, if any Negative opinion or qualified Legal determination of fraud and
opinion expressed, with/without naming persons behind such
quantification. frauds.
41  
 Skills for Forensic Auditor
• Knowledge of entity’s business and legal environment.
• Awareness of computer assisted audit procedures.
• Innovative approach and sceptics of routine audit
practices.

42
 Application
Forensic Accounting and Audit may be applied in the
following areas besides fraud detection:
• Conducting due-diligence (especially for segment wise
profitability analysis)
• Business valuation
• Management auditing
• Assessing loss before settling insurance claims.

43
 Examination methods
Tests of reasonableness
Check weaknesses in internal controls
Identify questionable transactions — indicating wide fluctuations from
the
normal transactions and not, in general, related to main objectives
Review questionable transaction documents for peculiarities, like
improper
account, classifications, pricing, invoicing, or claims, and so on

Historical Comparisons
 Develop a profile of the entity under investigation, its personnel and beneficiaries,
using available information
 Identify questionable accounts, account balances, and relationships
between accounts, to find out variances from current expectations and past
relationships
 Gather and preserve evidence corroborating asset losses, fraudulent
44
transactions and financial misstatements
END CHAPTER 8