Chapter 5

2/10/2012

1. Describe fraud and describe the process one follows to perpetuate a fraud. 2. Discuss why fraud occurs, including the pressures, opportunities, and rationalizations that are present in most frauds. 3. Compare and contrast the approaches and techniques that are used to commit computer fraud. 4. Describe how to deter and detect computer fraud.

2/10/2012

Jason Scott finished his tax return. Everything was in order except his withholding amount. For some reason, the federal income tax withholdings on his final paycheck was $5 higher than on his W-2 form. What did he discover?

2/10/2012

Most of the 1,500 company employees had a $5 discrepancy between their reported withholdings and the actual amount withheld. The W-2 of Don Hawkins, one of the programmers in charge of the payroll system, showed that thousands of dollars more in withholding had been reported to the IRS than had been withheld from his paycheck.

2/10/2012

What constitutes a fraud, and is the withholding problem a fraud? If this is indeed a fraud, how was it perpetrated?

2/10/2012

Why did the company not catch these mistakes earlier? Was there a breakdown in controls? What can the company do to detect and prevent fraud? Just how vulnerable are computer systems to fraud?

2/10/2012

This chapter describes the fraud process. It also explores the reasons that fraud occurs. The chapter also describes the approaches to computer fraud and the specific techniques used to commit it. Finally, several methods to deter and detect fraud are analyzed.
2/10/2012

Understand what fraud is and the process one follows to perpetuate a fraud.

2/10/2012

What is the definition of fraud?

2/10/2012

What is the definition of fraud?

an intentional deception made for personal gain or to damage another individual Fraud is a crime

2/10/2012

What is computer fraud?

"Conduct which involves the manipulation of a computer or computer data, by whatever method, in order to dishonestly obtain money, property or some other advantage of value, or to cause loss."

2/10/2012

Since fraudsters don t make journal entries to record their frauds, we can only estimate the amount of losses caused by fraudulent acts:

 Total fraud losses in the U.S. run around 6% of annual

revenues or approximately $660 billion in 2004.  Income tax fraud (the difference between what taxpayers owe and what they pay to the government) is estimated to be over $200 billion per year.  Fraud in the healthcare industry is estimated toexceed $100 billion a year.
2/10/2012

Fraud perpetrators are often referred to as white-collar criminals.

 Distinguishes them from violent criminals,

although some white-collar crime can ultimately have violent outcomes, such as:
Perpetrators or their victims committing suicide. Healthcare patients killed because of alteration of information, etc., that can result in their deaths.

2/10/2012

 Three types of occupational fraud:

 Misappropriation of assets  Corruption  Fraudulent statements

2/10/2012

Employee fraud characteristics:

They gain the trust and confidence of the company or people being defrauded to commit and conceal the fraud. They use weapons of deceit and misinformation. Frauds usually begin from a need then become greed later on. They grow careless and overconfident over time. Over time, the size of the fraud usually leads to detection.

2/10/2012

Fraudulent financial reporting Financial Statements can be falsified to:

Deceive investors and creditors Cause a company s stock price to rise Meet cash flow needs Hide company losses and problems

Example Enron?
2/10/2012

Fraudulent financial reporting is of great concern to independent auditors, because undetected frauds lead to half of the lawsuits against auditors. In the case of Enron, a financial statement fraud led to the total elimination of Arthur Andersen, a premiere international public accounting firm.

2/10/2012

Most frauds involve three steps. The theft of something The conversion to cash The concealment
2/10/2012

What is a common way to hide a theft?

What is a payroll example?

2/10/2012

What is a common way to hide a theft?

to charge the stolen item to an expense account

What is a payroll example?

to add a fictitious name to the company s payroll

2/10/2012

What is lapping? In a lapping scheme, the perpetrator steals cash received from customer A to pay its accounts receivable. Funds received at a later date from customer B are used to pay off customer A s balance, etc.
2/10/2012

What is kiting?

In a kiting scheme, the perpetrator covers up a theft by creating cash through the transfer of money between banks. The perpetrator deposits a check from bank A to bank B and then withdraws the money.

2/10/2012

Since there are insufficient funds in bank A to cover the check, the perpetrator deposits a check from bank C to bank A before his check to bank B clears. Since bank C also has insufficient funds, money must be deposited to bank C before the check to bank A clears. The scheme continues to keep checks from bouncing.

2/10/2012

A cashier was stealing money from daily cash receipts and making up the shortages with the following day s cash receipts. The fraud was discovered during a review of the bank reconciliation when the office manager noticed that the exact same deposit was made on two consecutive days. Suggested control procedure that could have prevented this is a simple segregation of duties the cashier was also preparing the daily deposit slip, and no one was responsible for reconciling it with the daily cash report.
2/10/2012

During the 1990 s, WorldCom was deeply involved in acquisitions and completed several mega-deals Purchased over 60 firms in 2nd half of the 90 s

WorldCom moved into Internet and data traffic  Handled 50% of US Internet traffic  Handled 50% of e-mails worldwide Purchased MCI for $37 billion in 1997 By 2001 owned a third of the US data cables

Was U.S. 2nd largest long-distance operator in 1998 and 2002 Had over 20 million customers in 2002

2/10/2012

From 1998-2000, WorldCom reduced reserve accounts held to cover liabilities of acquired companies  WorldCom added $2.8 billion to the revenue line from these reserves Reserves didn t cut it; An e-mail was sent in December 2000 to a division in Texas directing misclassification of expenses. CFO told key staff members to mark operating costs as long-term investments.  To the tune of $3.85 billion.

2/10/2012

Operating Expenses to Assets

-CFO s directions affected the income statement: Revenues xxx (no change) COGS xxx (no change) Operating Expenses:
Fees paid to lease other companies phone networks: Computer expenses: xxx (Huge Decrease) xxx (Huge Decrease)

NET INCOME
2/10/2012

xxx (Huge Increase)

Operating Expenses to Assets

-CFO s directions affected the balance sheet: Assets: Computer assets Leasing assets

xxx (Huge Increase) xxx (Huge Increase)

Liabilities xxx (no change) Stockholders Equity:

Retained Earnings xxx (Huge Increase) =HAPPY INVESTORS
2/10/2012

Huge losses turned into enormous profits.  $1.38 billion in net income in 2001

Inflated the company s value in its assets

2/10/2012

4.

March 7, 2002 - the SEC requests information from WorldCom  How could WorldCom make so much when AT&T is losing money? The Internal audit started digging  Found $2 billion company announced for capital expenditures (Internal Auditors found it was never authorized for capital expenditures.)  Found the undocumented $500 million in computer expenses that were recorded as assets.  Searching WorldCom s computers, Mr. Morse found $2 billion in questionable entries

5.

2/10/2012

June 25, 2002 - WorldCom announces it inflated profits by $3.8 billion over the previous five quarters June 26, 2002 - civil suit filed, stock trading halted
Ultimately, stock was delisted by Nasdaq

July 21, 2002 - WorldCom filed for bankruptcy

17,000 jobs cut to save $1 billion. WorldCom was renamed MCI in 2004 when it emerged from bankruptcy
2/10/2012

Compared to other financial statement frauds, Enron was a very complicated fraud. (WorldCom, for example, was a $7 billion fraud that involved simply capitalizing expenses (line costs) that should have been expensed (Accounting 200 topic.) Enron involved many complex transactions and accounting issues.

2/10/2012

Enron delivered smoothly growing earnings (but not cash flows.) Wall Street took Enron on its word but didn t understand its financial statements. It was all about the price of the stock. Enron was a trading company and Wall Street normally doesn t reward volatile earnings of trading companies. (Goldman Sacks is a trading company. Its stock price was 20 times earnings while Enron s was 70 times earnings.) In its last 5 years, Enron reported 20 straight quarters of increasing income. Enron, that had once made its money from hard assets like pipelines, generated more than 80% of its earnings from a vaguer business known as wholesale energy operations and services.
2/10/2012

Was devoid of any boundary system Enron s core business was losing money shifted its focus from bricks-and-mortar energy business to trading of derivatives (most derivatives profits were more imagined than real with many employees lying and misstating systematically their profits and losses in order to make their trading businesses appear less volatile than they were) During 2000, Enron s derivatives-related assets increased from $2.2 billion to $12 billion and derivates-related liabilities increased from $1.8 billion to $10.5 billion Enron s top management gave its managers a blank order to just do it Deals in unrelated areas such as weather derivatives, water services, metals trading, broadband supply and power plant were all justified.

2/10/2012

Because Enron believed it was leading a revolution, it pushed the rules. Employees attempted to crush not just outsiders but each other. Enron was built to maximize value by maximizing the individual parts. Enron traders were afraid to go to the bathroom because the guy sitting next to them might use information off their screen to trade against them.
Enron took more risk than othersit swung for the fences.

2/10/2012

Jeff Skilling left in August gave no reason for his departure. By mid-August 2001, the stock price began falling Former CEO, Kenneth Lay, came back in August Oct. 16 announced $618 million loss but not that it had written down equity by $1.2 billion October Moody s downgraded Enron s debt Nov. 8 Told investors they were restating earnings for the past 4 and years Dec. 2 Filed bankruptcy

2/10/2012

In early 2001, Jim Chanos, who runs Kynikos Associates, a highly regarded firm specializing in short selling said publicly that no one could explain how Enron actually made money. He noted that Enron had completed transactions with related parties that were run by a senior officer of Enron and assumed it was a conflict of interest. (Enron wouldn t answer questions about LJM and other partnerships.)

2/10/2012

Was paid $52 million in 2000, the majority of which was for non-audit related consulting services. Failed to spot many of Enron s losses Should have assessed Enron management s internal controls on derivates trading expressed approval of internal controls during 1998 through 2000 Kept a whole floor of auditors assigned at Enron year around Enron was Andersen s second largest client Did both external and internal audits CFOs and controllers were former Andersen executives Accused of document destruction was criminally indicted Went out of business My partner friend I had $4 million in my retirement account and I lost it all. Some partners who transferred to other firms now have two equity loans and no retirement savings.

2/10/2012

1. Denmark 2. Finland 3. Sweden 4. New Zealand 5.Iceland 6. Canada 7. Singapore 8. Netherlands, Norway

16. Hong Kong 17. United States Austria 25. Japan 29. Taiwan 43. South Korea 52. China 81. Nigeria 84. Paraguay 85. Cameroon

2/10/2012

Good economy was masking many problems Moral decay in society Executive incentives Wall Street expectations rewards for short-term behavior Nature of accounting rules Behavior of CPA firms Greed by investment banks, commercial banks, and investors Educator failures

2/10/2012

Meeting Wall Street s Expectations

 Stock prices are tied to meeting Wall Street s earnings   

forecasts Focus is on short-term performance only Companies are heavily punished for not meeting forecasts Executives have been endowed with hundreds of millions of dollars worth of stock options far exceeds compensation (tied to stock price) Performance is based on earnings & stock price

2/10/2012

Discuss why fraud occurs, including the pressures, opportunities, and rationalizations that are present in most frauds.

2/10/2012

Researchers have compared the psychological and demographic characteristics of three groups of people:
White-collar criminals Significant differences General public Violent criminals

Few differences

2/10/2012

What are some common characteristics of fraud perpetrators?

Most spend their illegal income rather than invest or save it. Once they begin the fraud, it is very hard for them to stop. They usually begin to rely on the extra income.

2/10/2012

Perpetrators of computer fraud tend to be younger and possess more computer knowledge, experience, and skills. Some computer fraud perpetrators are more motivated by curiosity and the challenge of beating the system. Others commit fraud to gain stature among others in the computer community.

2/10/2012

Three conditions are necessary for fraud to occur:

1 A pressure or motive 2 An opportunity 3 A rationalization

2/10/2012

The Fraud Triangle

2/10/2012

What are some financial pressures?

2/10/2012

What are some financial pressures?

living beyond means high personal debt inadequate income poor credit ratings heavy financial losses large gambling debts

2/10/2012

What are some financial statement pressures?

2/10/2012

What are some financial statement pressures?

 Prop up earnings or stock price OR to reduce

earnings  Cover the inability to generate cash flow  Obtain financing  Appear to comply with bond covenants or other agreements

2/10/2012

What are some work-related pressures?

2/10/2012

What are some work-related pressures?

low salary nonrecognition of performance job dissatisfaction fear of losing job overaggressive bonus plans

2/10/2012

What are other pressures?

challenge family/peer pressure emotional instability need for power or control excessive pride or ambition

2/10/2012

2/10/2012

An opportunity is the condition or situation that allows a person to commit and conceal a dishonest act. What are the ways fraud can be concealed that we discussed?

2/10/2012

Opportunities often stem from a lack of internal controls. However, the most prevalent opportunity for fraud results from a company s failure to enforce its system of internal controls.

2/10/2012

Most perpetrators have an excuse or a rationalization that allows them to justify their illegal behavior.

What are some rationalizations?

2/10/2012

Most perpetrators have an excuse or a rationalization that allows them to justify their illegal behavior.

What are some rationalizations?

 The perpetrator is just borrowing the stolen assets.  The perpetrator is not hurting a real person, just a

computer system.

 No one will ever know.

2/10/2012

Fraud occurs when:

 People have perceived, non-shareable pressures;  The opportunity gateway is left open; and  They can rationalize their actions to reduce the

moral impact in their minds (i.e., they have low integrity).

Fraud is much less likely to occur when

 There is low pressure, low opportunity, and high

integrity.
2/10/2012

Compare and contrast the approaches and techniques that are used to commit computer fraud.

2/10/2012

The U.S. Department of Justice defines computer fraud as any illegal act for which knowledge of computer technology is essential for its perpetration, investigation, or prosecution. What are examples of computer fraud?
unauthorized use, access, modification, copying, and destruction of software or data
2/10/2012

theft of money by altering computer records or the theft of computer time theft or destruction of computer hardware use or the conspiracy to use computer resources to commit a felony intent to illegally obtain information or tangible property through the use of computers
2/10/2012

Organizations that track computer fraud estimate that 80% of U.S. businesses have been victimized by at least one incident of computer fraud.

2/10/2012

No one knows for sure exactly how much companies lose to computer fraud. Why?

2/10/2012

No one knows for sure exactly how much companies lose to computer fraud. Why?
 There is disagreement on what computer fraud is.  Many computer frauds go undetected, or unreported.  Most networks have a low level of security.  Many Internet pages give instructions on how to perpetrate

computer crimes.  Law enforcement is unable to keep up with fraud.

2/10/2012

Data fraud Input fraud Output fraud

Processor fraud

Computer instruction fraud

2/10/2012

Processor Fraud
 Involves unauthorized system use  Includes theft of computer time and services.

Computer Instructions Fraud

 Involves tampering with software that processes

company data  May include:

Modifying the software Making illegal copies Using it in an unauthorized manner

2/10/2012

Data Fraud
 Involves: Altering or damaging a company s data files; or Copying, using, or searching the data files without authorization.  Sale of stolen data

Output Fraud
 Stealing or misusing system output.  Use computers and peripheral devices to create

counterfeit outputs
2/10/2012

What are some of the more common techniques to commit computer fraud?
Cracking Data diddling Data leakage Denial of service attack Eavesdropping E-mail forgery and threats
2/10/2012

Hacking Internet misinformation and terrorism Logic time bomb Masquerading or impersonation Password cracking Piggybacking Round-down Salami technique
2/10/2012

Software piracy Scavenging Social engineering Superzapping Trap door Trojan horse Virus Worm
2/10/2012

Describe how to deter and detect computer fraud.

2/10/2012

What are some measures that can decrease the potential of fraud?
1 2 3 4 5

Make fraud less likely to occur. Increase the difficulty of committing fraud. Improve detection methods. Reduce fraud losses. Prosecute and incarcerate fraud perpetrators.

2/10/2012

Make fraud less likely to occur.

 Use proper hiring and firing practices.  Manage disgruntled employees.  Train employees in security and fraud prevention.  Manage and track software licenses.  Require signed confidentiality agreements.

2/10/2012

Increase the difficulty of committing fraud.

Develop a strong system of internal controls. Segregate duties. Require vacations and rotate duties. Restrict access to computer equipment and data files.  Encrypt data and programs.
   

2/10/2012

Improve detection methods.

 Protect telephone lines and the system from

viruses.  Control sensitive data.  Control laptop computers.  Monitor hacker information.

2/10/2012

Reduce fraud losses.

 Maintain adequate insurance.  Store backup copies of programs and data files in

a secure, off-site location.  Develop a contingency plan for fraud occurrences.  Use software to monitor system activity and recover from fraud.

2/10/2012

Prosecute and incarcerate fraud perpetrators.

 Most fraud cases go unreported and

unprosecuted. Why?
Many cases of computer fraud are as yet undetected. Companies are reluctant to report computer crimes.

2/10/2012

Law enforcement officials and the courts are so busy with violent crimes that they have little time for fraud cases. It is difficult, costly, and time consuming to investigate. Many law enforcement officials, lawyers, and judges lack the computer skills needed to investigate, prosecute, and evaluate computer crimes.
2/10/2012

What did Jason present to the president?

 A copy of his own withholding report filed with

the IRS and a printout of withholdings from the payroll records.

2/10/2012

How did Jason believe the fraud was perpetrated?

 The payroll system had undergone some minor

modifications.  The payroll project had been completed without the usual review by other systems personnel.  An unusual code subtracted $5 from most employees withholdings and added it to Don s.

2/10/2012

What guidelines should Jason suggest to prevent this from happening again?
 Strictly enforce existing controls.  New controls should be put into place to

detect fraud.  Employees should be trained in fraud awareness, security measures, and ethical issues.  Jason also urged the president to prosecute the case.

2/10/2012