Académique Documents
Professionnel Documents
Culture Documents
2/10/2012
1. Describe fraud and describe the process one follows to perpetuate a fraud. 2. Discuss why fraud occurs, including the pressures, opportunities, and rationalizations that are present in most frauds. 3. Compare and contrast the approaches and techniques that are used to commit computer fraud. 4. Describe how to deter and detect computer fraud.
2/10/2012
Jason Scott finished his tax return. Everything was in order except his withholding amount. For some reason, the federal income tax withholdings on his final paycheck was $5 higher than on his W-2 form. What did he discover?
2/10/2012
Most of the 1,500 company employees had a $5 discrepancy between their reported withholdings and the actual amount withheld. The W-2 of Don Hawkins, one of the programmers in charge of the payroll system, showed that thousands of dollars more in withholding had been reported to the IRS than had been withheld from his paycheck.
2/10/2012
What constitutes a fraud, and is the withholding problem a fraud? If this is indeed a fraud, how was it perpetrated?
2/10/2012
Why did the company not catch these mistakes earlier? Was there a breakdown in controls? What can the company do to detect and prevent fraud? Just how vulnerable are computer systems to fraud?
2/10/2012
This chapter describes the fraud process. It also explores the reasons that fraud occurs. The chapter also describes the approaches to computer fraud and the specific techniques used to commit it. Finally, several methods to deter and detect fraud are analyzed.
2/10/2012
Understand what fraud is and the process one follows to perpetuate a fraud.
2/10/2012
2/10/2012
an intentional deception made for personal gain or to damage another individual Fraud is a crime
2/10/2012
2/10/2012
Since fraudsters don t make journal entries to record their frauds, we can only estimate the amount of losses caused by fraudulent acts:
revenues or approximately $660 billion in 2004. Income tax fraud (the difference between what taxpayers owe and what they pay to the government) is estimated to be over $200 billion per year. Fraud in the healthcare industry is estimated toexceed $100 billion a year.
2/10/2012
although some white-collar crime can ultimately have violent outcomes, such as:
Perpetrators or their victims committing suicide. Healthcare patients killed because of alteration of information, etc., that can result in their deaths.
2/10/2012
2/10/2012
They gain the trust and confidence of the company or people being defrauded to commit and conceal the fraud. They use weapons of deceit and misinformation. Frauds usually begin from a need then become greed later on. They grow careless and overconfident over time. Over time, the size of the fraud usually leads to detection.
2/10/2012
Deceive investors and creditors Cause a company s stock price to rise Meet cash flow needs Hide company losses and problems
Example Enron?
2/10/2012
Fraudulent financial reporting is of great concern to independent auditors, because undetected frauds lead to half of the lawsuits against auditors. In the case of Enron, a financial statement fraud led to the total elimination of Arthur Andersen, a premiere international public accounting firm.
2/10/2012
Most frauds involve three steps. The theft of something The conversion to cash The concealment
2/10/2012
2/10/2012
2/10/2012
What is lapping? In a lapping scheme, the perpetrator steals cash received from customer A to pay its accounts receivable. Funds received at a later date from customer B are used to pay off customer A s balance, etc.
2/10/2012
What is kiting?
In a kiting scheme, the perpetrator covers up a theft by creating cash through the transfer of money between banks. The perpetrator deposits a check from bank A to bank B and then withdraws the money.
2/10/2012
Since there are insufficient funds in bank A to cover the check, the perpetrator deposits a check from bank C to bank A before his check to bank B clears. Since bank C also has insufficient funds, money must be deposited to bank C before the check to bank A clears. The scheme continues to keep checks from bouncing.
2/10/2012
A cashier was stealing money from daily cash receipts and making up the shortages with the following day s cash receipts. The fraud was discovered during a review of the bank reconciliation when the office manager noticed that the exact same deposit was made on two consecutive days. Suggested control procedure that could have prevented this is a simple segregation of duties the cashier was also preparing the daily deposit slip, and no one was responsible for reconciling it with the daily cash report.
2/10/2012
During the 1990 s, WorldCom was deeply involved in acquisitions and completed several mega-deals Purchased over 60 firms in 2nd half of the 90 s
WorldCom moved into Internet and data traffic Handled 50% of US Internet traffic Handled 50% of e-mails worldwide Purchased MCI for $37 billion in 1997 By 2001 owned a third of the US data cables
Was U.S. 2nd largest long-distance operator in 1998 and 2002 Had over 20 million customers in 2002
2/10/2012
From 1998-2000, WorldCom reduced reserve accounts held to cover liabilities of acquired companies WorldCom added $2.8 billion to the revenue line from these reserves Reserves didn t cut it; An e-mail was sent in December 2000 to a division in Texas directing misclassification of expenses. CFO told key staff members to mark operating costs as long-term investments. To the tune of $3.85 billion.
2/10/2012
NET INCOME
2/10/2012
Huge losses turned into enormous profits. $1.38 billion in net income in 2001
2/10/2012
4.
March 7, 2002 - the SEC requests information from WorldCom How could WorldCom make so much when AT&T is losing money? The Internal audit started digging Found $2 billion company announced for capital expenditures (Internal Auditors found it was never authorized for capital expenditures.) Found the undocumented $500 million in computer expenses that were recorded as assets. Searching WorldCom s computers, Mr. Morse found $2 billion in questionable entries
5.
2/10/2012
June 25, 2002 - WorldCom announces it inflated profits by $3.8 billion over the previous five quarters June 26, 2002 - civil suit filed, stock trading halted
Ultimately, stock was delisted by Nasdaq
17,000 jobs cut to save $1 billion. WorldCom was renamed MCI in 2004 when it emerged from bankruptcy
2/10/2012
Compared to other financial statement frauds, Enron was a very complicated fraud. (WorldCom, for example, was a $7 billion fraud that involved simply capitalizing expenses (line costs) that should have been expensed (Accounting 200 topic.) Enron involved many complex transactions and accounting issues.
2/10/2012
Enron delivered smoothly growing earnings (but not cash flows.) Wall Street took Enron on its word but didn t understand its financial statements. It was all about the price of the stock. Enron was a trading company and Wall Street normally doesn t reward volatile earnings of trading companies. (Goldman Sacks is a trading company. Its stock price was 20 times earnings while Enron s was 70 times earnings.) In its last 5 years, Enron reported 20 straight quarters of increasing income. Enron, that had once made its money from hard assets like pipelines, generated more than 80% of its earnings from a vaguer business known as wholesale energy operations and services.
2/10/2012
Was devoid of any boundary system Enron s core business was losing money shifted its focus from bricks-and-mortar energy business to trading of derivatives (most derivatives profits were more imagined than real with many employees lying and misstating systematically their profits and losses in order to make their trading businesses appear less volatile than they were) During 2000, Enron s derivatives-related assets increased from $2.2 billion to $12 billion and derivates-related liabilities increased from $1.8 billion to $10.5 billion Enron s top management gave its managers a blank order to just do it Deals in unrelated areas such as weather derivatives, water services, metals trading, broadband supply and power plant were all justified.
2/10/2012
Because Enron believed it was leading a revolution, it pushed the rules. Employees attempted to crush not just outsiders but each other. Enron was built to maximize value by maximizing the individual parts. Enron traders were afraid to go to the bathroom because the guy sitting next to them might use information off their screen to trade against them.
Enron took more risk than othersit swung for the fences.
2/10/2012
Jeff Skilling left in August gave no reason for his departure. By mid-August 2001, the stock price began falling Former CEO, Kenneth Lay, came back in August Oct. 16 announced $618 million loss but not that it had written down equity by $1.2 billion October Moody s downgraded Enron s debt Nov. 8 Told investors they were restating earnings for the past 4 and years Dec. 2 Filed bankruptcy
2/10/2012
In early 2001, Jim Chanos, who runs Kynikos Associates, a highly regarded firm specializing in short selling said publicly that no one could explain how Enron actually made money. He noted that Enron had completed transactions with related parties that were run by a senior officer of Enron and assumed it was a conflict of interest. (Enron wouldn t answer questions about LJM and other partnerships.)
2/10/2012
Was paid $52 million in 2000, the majority of which was for non-audit related consulting services. Failed to spot many of Enron s losses Should have assessed Enron management s internal controls on derivates trading expressed approval of internal controls during 1998 through 2000 Kept a whole floor of auditors assigned at Enron year around Enron was Andersen s second largest client Did both external and internal audits CFOs and controllers were former Andersen executives Accused of document destruction was criminally indicted Went out of business My partner friend I had $4 million in my retirement account and I lost it all. Some partners who transferred to other firms now have two equity loans and no retirement savings.
2/10/2012
1. Denmark 2. Finland 3. Sweden 4. New Zealand 5.Iceland 6. Canada 7. Singapore 8. Netherlands, Norway
16. Hong Kong 17. United States Austria 25. Japan 29. Taiwan 43. South Korea 52. China 81. Nigeria 84. Paraguay 85. Cameroon
2/10/2012
Good economy was masking many problems Moral decay in society Executive incentives Wall Street expectations rewards for short-term behavior Nature of accounting rules Behavior of CPA firms Greed by investment banks, commercial banks, and investors Educator failures
2/10/2012
forecasts Focus is on short-term performance only Companies are heavily punished for not meeting forecasts Executives have been endowed with hundreds of millions of dollars worth of stock options far exceeds compensation (tied to stock price) Performance is based on earnings & stock price
2/10/2012
Discuss why fraud occurs, including the pressures, opportunities, and rationalizations that are present in most frauds.
2/10/2012
Researchers have compared the psychological and demographic characteristics of three groups of people:
White-collar criminals Significant differences General public Violent criminals
Few differences
2/10/2012
Most spend their illegal income rather than invest or save it. Once they begin the fraud, it is very hard for them to stop. They usually begin to rely on the extra income.
2/10/2012
Perpetrators of computer fraud tend to be younger and possess more computer knowledge, experience, and skills. Some computer fraud perpetrators are more motivated by curiosity and the challenge of beating the system. Others commit fraud to gain stature among others in the computer community.
2/10/2012
2/10/2012
2/10/2012
2/10/2012
2/10/2012
2/10/2012
earnings Cover the inability to generate cash flow Obtain financing Appear to comply with bond covenants or other agreements
2/10/2012
2/10/2012
2/10/2012
2/10/2012
2/10/2012
An opportunity is the condition or situation that allows a person to commit and conceal a dishonest act. What are the ways fraud can be concealed that we discussed?
2/10/2012
Opportunities often stem from a lack of internal controls. However, the most prevalent opportunity for fraud results from a company s failure to enforce its system of internal controls.
2/10/2012
Most perpetrators have an excuse or a rationalization that allows them to justify their illegal behavior.
2/10/2012
Most perpetrators have an excuse or a rationalization that allows them to justify their illegal behavior.
computer system.
integrity.
2/10/2012
Compare and contrast the approaches and techniques that are used to commit computer fraud.
2/10/2012
The U.S. Department of Justice defines computer fraud as any illegal act for which knowledge of computer technology is essential for its perpetration, investigation, or prosecution. What are examples of computer fraud?
unauthorized use, access, modification, copying, and destruction of software or data
2/10/2012
theft of money by altering computer records or the theft of computer time theft or destruction of computer hardware use or the conspiracy to use computer resources to commit a felony intent to illegally obtain information or tangible property through the use of computers
2/10/2012
Organizations that track computer fraud estimate that 80% of U.S. businesses have been victimized by at least one incident of computer fraud.
2/10/2012
No one knows for sure exactly how much companies lose to computer fraud. Why?
2/10/2012
No one knows for sure exactly how much companies lose to computer fraud. Why?
There is disagreement on what computer fraud is. Many computer frauds go undetected, or unreported. Most networks have a low level of security. Many Internet pages give instructions on how to perpetrate
2/10/2012
Processor fraud
Processor Fraud
Involves unauthorized system use Includes theft of computer time and services.
2/10/2012
Data Fraud
Involves: Altering or damaging a company s data files; or Copying, using, or searching the data files without authorization. Sale of stolen data
Output Fraud
Stealing or misusing system output. Use computers and peripheral devices to create
counterfeit outputs
2/10/2012
What are some of the more common techniques to commit computer fraud?
Cracking Data diddling Data leakage Denial of service attack Eavesdropping E-mail forgery and threats
2/10/2012
Hacking Internet misinformation and terrorism Logic time bomb Masquerading or impersonation Password cracking Piggybacking Round-down Salami technique
2/10/2012
Software piracy Scavenging Social engineering Superzapping Trap door Trojan horse Virus Worm
2/10/2012
2/10/2012
What are some measures that can decrease the potential of fraud?
1 2 3 4 5
Make fraud less likely to occur. Increase the difficulty of committing fraud. Improve detection methods. Reduce fraud losses. Prosecute and incarcerate fraud perpetrators.
2/10/2012
2/10/2012
2/10/2012
viruses. Control sensitive data. Control laptop computers. Monitor hacker information.
2/10/2012
a secure, off-site location. Develop a contingency plan for fraud occurrences. Use software to monitor system activity and recover from fraud.
2/10/2012
unprosecuted. Why?
Many cases of computer fraud are as yet undetected. Companies are reluctant to report computer crimes.
2/10/2012
Law enforcement officials and the courts are so busy with violent crimes that they have little time for fraud cases. It is difficult, costly, and time consuming to investigate. Many law enforcement officials, lawyers, and judges lack the computer skills needed to investigate, prosecute, and evaluate computer crimes.
2/10/2012
2/10/2012
modifications. The payroll project had been completed without the usual review by other systems personnel. An unusual code subtracted $5 from most employees withholdings and added it to Don s.
2/10/2012
What guidelines should Jason suggest to prevent this from happening again?
Strictly enforce existing controls. New controls should be put into place to
detect fraud. Employees should be trained in fraud awareness, security measures, and ethical issues. Jason also urged the president to prosecute the case.
2/10/2012