CFE Exam Quiz 20

It is to be noted that the larger a company grows, the more specialized its subunits tend to become, and this specialization thereby breeds a higher risk of fraud.

Reflective preference is one of the key elements of ethics. Reflective choice refers to the process by which an individual identifies a problem of decision, analyzes the situation— gathering information, considering behavioral rules, and thinking about the consequences of alternative actions— and taking action. In short, decision making represents0 preference.
Ethical problems almost always involve projecting yourself in a future in which you have to live with your decisions.
The functions of ethical principles and rules is not to provide a simple and sure answer to all problems, but to provide some guidelines for individual decisions and actions.

It should be noted that the framework of corporate governance must respect the interests of stakeholders established by law or by mutual agreements and encourage successful cooperation between companies and shareholders in creating wealth, jobs and financially sound sustainability of the business.
I: It is essential to respect the rights of the stakeholders established by law or by mutual agreements.
II: Where the interests of stakeholders are protected by law, there should be an incentive for stakeholders to seek meaningful remedies for breaches of their rights.
III: Mechanisms should be allowed to develop for the involvement of employees.
IV: Where stakeholders engage in the business cycle they should have timely and regular access to appropriate, adequate, and reliable information.

Notably, the Diet (legislature) passed a law in Japan to punish crimes “related to environmental pollution that adversely affects people’s health.” Under this law, the intentional or negligent emission of a substance that causes danger to human life or health by industries shall be punished with imprisonment or fines.

It is found that the intent and objectives of the Fraud Risk Management System must be conveyed to staff at all levels throughout the company, both formally and informally. Employees who are asked to conduct a certain task will probably not understand the full impact of anti-fraud prevention unless they are trained on how this activity works to protect the company.
Besides, workers must be notified of their responsibility to report suspected fraud and be encouraged to do so without fear of retaliation with the means and trust.
The Fraud Risk Management Plan must include procedures designed specifically to track, detect and resolve violations of compliance as part of the company’s enforcement insurance objectives.

It should be noted that shareholders should be able to vote in person or in absentia and equal effect should be given to votes cast in person or in absentia.

The ACFE published the latest Workplace Fraud and Abuse Report to the Nations, which was intended to provide insight into the vast and still unknown costs placed on organizations by workplace fraud.
I: To summarize the experts ‘ views on the percentage and amount of corporate profit lost to all types of work fraud and abuse.
II: Examine the characteristics of those employees who commit fraud and abuse at work.
III: Identify the categories of companies that are victims of labor fraud and abuse.
IV: Categorize the severity of fraud and abuse.

The board may assign representatives to focused subcommittees to assist in overseeing specific issues. The establishment of at least the following three board committees is considered a best practice for public companies: I: Audit Committee II: Compensation Committee III: Nominating Committee
The ad hoc committee is a type of committee that is set up for a limited period to deal with specific issues.

It is noteworthy that according to the auditor’s documentation of the responses to the assessed risks of material misstatement required by the ISA 315 are
I: the significant conclusions reached during the discussion on the vulnerability of the entity’s financial statements to material fraud
II: II: The defined and assessed risks of material default due to fraud at the level of the financial statements and the level of assumption While under ISA 330, the overall response to the assessed risks of material default due to fraud at the level of the financial statements and the type, timing and extent of the audit procedures and the correlation of those procedures with the assessed risks of the financial statements

It should be remembered that managers are understandably reluctant to believe because of the hidden nature of fraud in the probability of fraud. However, if an employee is caught committing fraud, management may too frequently assume it’s an isolated issue and it’s not worth considering further. Management must understand that when cases of fraud are found, it is too late to do anything about them.

Risk is defined as the potential for an occurrence to occur and adversely affect the achievement of goals. “Risk assessment involves defining and evaluating the risks that the agency faces in achieving its organizational objectives, a dynamic and iterative process that forms the basis on which to determine how to handle risks.
The risk assessment, according to COSO, includes the following principles:
1. The company sets targets that are sufficiently clear to define and assess the risks associated with the objectives.
2. The company defines threats to the entity-wide accomplishment of its objectives and analyzes these risks as a basis for determining how to handle the risks.
3. When evaluating risks, the company recognizes the potential for fraud to achieve goals.
4. The company recognizes and reviews improvements that could have a significant impact on the internal control structure.
The organization selects and develops general project management systems to promote the achievement of targets is control activities management.

An internal auditor investigative team within the company can use the results of the fraud risk assessment to identify high-risk practices or activities and suspicious transactions that might indicate fraud. This approach may also provide some reassurance when the subsequent search for fraud shows that fraud does not appear to exist then, despite the risk assessed. Management should remember, however, that just because there is no evidence that fraud is occurring in the present, the risk that it could occur in the future is not eliminated.

Part of the role of the internal audit process is to evaluate and enhance the organization’s effectiveness. Each of these organizational components— risk management strategies, internal controls, and governance systems — serves a significant role in preventing the risk management, control, and governance mechanisms of fraud
I: devote enough time and attention to determining that fraud controls are adequately developed and working effectively to resolve defined fraud threats so that they can provide accurate assurance to the board and management.
II: Review the comprehensiveness and adequacy of the risk of fraud identified by management (giving particular consideration to the risk of fraud related to control override).
III: Consider the fraud risk evaluation of the company in the implementation of its audit plan.
IV: Periodically review management’s fraud risk management strategy and capabilities.
V: Communicate periodically with those responsible for the risk assessment of fraud to ensure adequate consideration of all fraud threats.
VI: Maintain a professional skeptical mindset and be watchful for signs of fraud.
VII: take an active part in fostering the ethical culture of the organization.

The OECD Corporate Governance Principles are regarded as one of the hallmark sources of guidance for organizations around the world on corporate governance practices. According to the OECD, the Principles are intended to assist policymakers in evaluating and improving the legal, regulatory and institutional framework for corporate governance to support sustainable economic efficiency.

It should be noted that it is increasingly difficult for corporate breaches to identify, investigate or prosecute effectively due to their increasing complexity and sophistication. Besides, corporate violations are becoming increasingly difficult to successfully discover, investigate, or prosecute due to their increasing complexity and complexity. Likewise, some companies pay their managers bonuses, with the understanding that part of that reward will be turned over to the coffers of a candidate who the corporation favors.

An employee’s actions are usually taken into account in the sense and nature of the job if the employee has real authority or apparent authority to engage in such activities. Apparent authority means that a third party may reasonably believe that the employee has the right to act on behalf of the company.

The process of identifying, assessing and embracing or minimizing uncertainty in investment decisions is risk management in the financial world. Essentially, risk management takes place when an investor or fund manager analyzes and tries to measure the potential for risks in an investment, such as a moral hazard, and then takes appropriate action (or inaction) in view of its investment objective.

Criminality is a function of individual socialization, according to the theory of social processes, and the social-psychological interactions that people have with the different organizations, institutions, and social processes.

The primary responsibility of management is to plan, execute, track, and develop the risk management system for fraud. As part of this, management should: I: take all fraud reports seriously and carry out inquiries for any such reports that are considered reliable. Management may not be the best category to conduct investigations, but for all allegations of fraud that are considered reliable, investigations should be assured.
II: Appropriately discipline the perpetrators of the fraud found. Punishing criminals reflects the legal system and the inability to accept fraud.
III: take the appropriate steps to remedy the vulnerabilities that enable fraud to take place.
IV: Communicate that fraud is not accepted, both in words and actions.
V: Set a standard at the top and track the culture of the company to ensure that it embraces the fraud prevention and detection strategies of the organization adequately.
VI: Ensure that strict and efficient internal controls are in place for the company to avoid and detect fraud.

It is considered that the corporate governance system should ensure the strategic plan of the organization, the board’s effective management supervision, and the board’s accountability to the company and investors.
I: The board members must behave in good faith, with due diligence and consideration, and on a fully informed basis, in the best interests of the company and investors.
II: Where the board’s decisions may affect different groups of shareholders, all shareholders should be treated fairly by the board.
III: high ethical standards should be applied. It should take stakeholder interests into account.
IV: Track the efficacy of the management practices of the company and make adjustments when appropriate.

The key component of a fraud prevention plan is the board and senior management’s clear dedication. This dedication is the cornerstone of the anti-fraud culture of the company. By its effect, rather than by some individual component, a strong corporate culture can most often be observed. Promoting a culture of ethics and compliance is more profound than simply carrying out a checklist of initiatives;
Fostering a culture of ethics and compliance runs deeper than merely implementing a checklist of initiatives; similarly, a culture of corruption can exist even in companies with seemingly sound policies in place. However, one thing always has in common with organizations that promote ethical corporate cultures: a strong “tone at the top.”.

An evaluation that helps determine whether a sense of entitlement in the sector is shown or encouraged by people. An entity with a strong sense of entitlement from its employees or members may have an increased risk of fraud.

A confirmation process is an obligation for administrators, staff, and contractors to state clearly (usually by electronic or manual signature) that they have read, understood, and complied with the organization’s code of conduct, fraud control policy, and other such documentation that supports the system of fraud risk management.
Ways to expand the approval mechanism for further fraud protection include:
I: adding provisions in contracts requiring vendors to agree to comply with the Code of Conduct of the organization
II: requiring senior management to sign a code of conduct applicable to higher-level employees
III: requiring vendors to sign separate agreements on specific topics, such as confidentiality or use of company technologies
Establishing the responsibility of each person within the organization to support fraud risk management efforts comes under the statement of commitment.

It should be remembered that an anonymous reporting network is an integral part of a fraud control system, such as a hotline for ethics. Employees need to be made aware of the complexity of the reporting system, know how to use it, and believe they can report suspicious behavior anonymously or openly (where permitted by law) without fear of reprisal. Besides, it should be made clear to workers know how to use it and assume they can report suspicious activity anonymously or openly (where permitted by law) without fear of reprisal. Besides, it should be made clear to staff that allegations of suspicious activity will be reviewed promptly and thoroughly.
Clear focus should be put on educating staff about the reporting program:
I: Fraud, waste, and abuse occur in nearly all companies.
II: Such conduct costs the company jobs and profits.
III: The company actively encourages any employee with information to come forward.
IV: The employee can come forward and provide information anonymously and without fear of retaliation for good-faith reporting.
V: There is an exact method for reporting an incident (e.g., a telephone number or online
form).
VI: The report need not be made to one’s immediate superiors.

Like all the other points on large corporations ‘ duties, they have the power to influence the way laws are written and to commit acts that can cause serious harm to the people.

It should be noted that the auditor shall be based on a presumption that there are risks of fraud in revenue recognition when identifying and assessing the risks of material default due to fraud, assessing which types of revenue, revenue transactions or assertions give rise to such risks. Clear documentation is needed when the auditor determines that the rule is not valid in the circumstances of the undertaking and has therefore not established identification of revenue as a risk of material error due to fraud

Compliance with prescribed accounting procedures is always required. It is expected that employees with control over corporate assets and transactions will handle them with the utmost integrity and ensure that all transactions are performed by management authorization. It is illegal to record or use fictitious sales, transactions, products, loans, companies or other financial arrangements.

The actions of auditors should at all times and under all conditions be beyond reproach. Any deficiency in their professional conduct or any misconduct in their personal lives places in an unfavorable light the integrity of auditors, the SAI they represent, and the quality and validity of their audit work, and may raise doubts about the SAI itself’s reliability and competence.
The adoption and enforcement of a code of ethics for public sector auditors fosters trust and trust in auditors and their work.
SAI must be viewed with confidence, trust, and reputation. The auditor promotes this through the adoption and application of the ethical requirements of the concepts embodied in the keywords integrity, independence, objectivity, confidentiality, and competence.

An employee’s actions are generally taken into account in the context and nature of the job if the employee has real authority or apparent authority to participate in such activities. Apparent authority means that a third party may reasonably believe that the employee has the right to act on behalf of the company.

The non-punitive approach specifically covers the method which in no way requires punishment. It has to do with the services and other facilities to improve the employee’s job rather than punish him and leave a negative impact on him and his behaviour.

An essential component of a system for fraud risk management requires a process for supervisors, employees, and contractors to report any possible or real conflicts of interest to the company.
All reports of possible or real conflicts of interest, as well as the decision of management about the case, should be recorded and submitted to legal counsel. Besides, all exemptions of conflict of interest policy requirements should be disclosed— and may need to be disclosed under certain securities regulations. Management should also consider the benefits of reporting to the public the code of conduct, anti-fraud policies and related statements of the company and any legal requirements.

It should be remembered that the theories of social structure are based on the types of communities that create different levels of crime. As a community, the theories of social structure indicate that forces operating in the environment’s lower-class areas drive many of their inhabitants into criminal behavior. We claim in the same way that people living in comparable social environments tend to be behaving similarly.

It is noted that that “authority leakage” occurs when the gap between top executives and subordinate units rises to a sufficient level. It promotes accountants or other departments to engage in misconduct without any assurance that internal controls will check the behavior. Such leakage allows subsidiaries, company researchers to engage in misconduct without any assurance that internal controls will check the behavior. Such leakage means the company has become too unwieldy for an executive to enforce rules at all levels

It should be noted that the statement is relevant to monitoring and auditing, i.e. ensuring risk assessments, analyzes and engagement are effective in supporting the monitoring role of management

Deciding whether a conflict or a community of interests exists depends on the facts of each particular situation; however, some general rules on conflicts of interest are as follows: a company-employed fraud examiner should not engage in other jobs that create hardship or loss for the employer. A fraud examiner should not be a “double agent” employed by one company but retained by another company or person to infiltrate the employer and convey information within the company (unless, of course, the employing company agrees to the arrangement to apprehend other employed parties).
A fraud examiner should not accept both sides ‘ commitments to a dispute— just like lawyers

It should be noted that the argument is applicable to monitoring and auditing, i.e. to ensure successful risk assessments, analyzes and involvement in supporting management’s monitoring position.

It is found that the corporate governance structure will ensure the strategic strategy of the company, the board’s effective management oversight, and the board’s transparency to the company and investors.
I: The board members must act in good faith, with due diligence and consideration, and on a fully informed basis, in the best interests of the company and investors.
II: Where the board’s decisions that affect different groups of shareholders, all shareholders should be treated fairly III by the board: high ethical standards should be enforced. It should take account of stakeholders ‘ interests.
IV: Monitor the effectiveness of the management practices of the company and make changes as necessary.

Which is not a reason to face difficulties when dealing with high-stake criminals, among the following statement? It should be noted that despite our understanding of their behavior, dealing with high-stakes criminals will remain difficult. Not only because the money and action networks are so complex, but also because the conditioning is so intense.

The ERM Framework of COSO builds on the five components first identified as part of the Integrated Framework of COSO and includes an additional three components. The ERM Framework’s eight components are:
I: Internal environment
II: Objective setting
III: Event identification
IV: Risk assessment
V: Risk response
VI: Control activities
VII: Information and communication
VIII: Monitoring

There are two separate boards in this system— an executive/management board and a supervisory board — with no common membership allowed between the two. The executive/management board includes executives from the company and other non-independent directors; this board is responsible for day-to-day business. In contrast, the monitoring function is performed by the supervisory board, which consists solely of independent directors; it oversees the performance and execution of company policy by management. To determine organizational strategy, the two boards often work together.

Management may assume the risk if it determines that there is a low probability of occurrence and impact of loss. Management can determine that assuming the risk is more cost-effective than removing the asset or stopping the transaction, purchasing risk-shifting insurance, or implementing countermeasures to mitigate the risk.

The primary responsibility of management is to plan, execute, track and develop the risk management system for fraud. As part of this, management should: I: take all reports of fraud seriously and carry out investigations for any reports that are considered reliable. Management may not be the optimal group for conducting investigations, but all allegations should be investigated
Investigations should be carried out, but all allegations of fraud deemed reliable should be investigated.
II: Appropriately punish the perpetrators of the fraud found. Punishing criminals strengthens the tradition of honesty and the refusal to accept fraud.
III: take the appropriate steps to remedy the vulnerabilities that enable fraud to take place.
IV: Communicate — in words and deeds — And actions— don’t tolerate fraud.
V: Set a tone at the top and track the culture of the company to ensure that it embraces the fraud prevention and detection strategies of the organization adequately.
VI: Ensure that specific and effective internal controls are in place for the organization to prevent and detect fraud.

It should be noted that there have also been other long-term violators rationalizations, but they have almost always been used in conjunction with the concept of “borrowing”:
I: they have been mischievous in protecting their families from humiliation, embarrassment or poverty;
II: there was a case of “need;” their employers cheated them financially;
III: their employers were dishonest and deserved to be defrauded towards others. Some even pointed out that returning the funds was more difficult than stealing them first.

It should be noted that the efforts of the organization should be documented in such a way that it can demonstrate that it has made every effort to comply. The organization will maintain:
I: an account of the alleged offense
II: a summary of the steps taken to investigate the claim for each accusation of an offense
III: A summary of the actions taken by the organization in response to the violation. Also, there is also a secondary purpose in many jurisdictions: to reduce potential penalties for criminal conduct by showing that the organization is committed to avoiding illegal activity.

The PIOB oversees the Public Interest Action Committees (PIACs) of the IFAC, including the International Auditing and Assurance Standards Board, the International Accounting Education Standards Board, the International Accountants Standards Board, their respective Consultative Advisory Groups (CAGs), and the Compliance Advisory Panel (CAP). III: supervises the nomination process for all PIACs and CAGs under its supervision IV: supervises the CAP Growing investor security and fostering investor confidence in the integrity of securities markets, improving information exchange and regulatory cooperation against fraud and business and market intermediaries supervision is the goal of the International Organization.

When the offender is ill or otherwise absent, certain frauds are known as needing ongoing manual intervention. Requiring staff in certain positions (e.g. accounting clerks) to periodically adjust job duties or revised accounts will increase the likelihood of identifying potential offenders. For example, A director who embezzled $1.6 million from his company said, “If the company had combined a two-week break with four weeks of relocation to another job function, it would have been hard for me to cover up my embezzlement.”

One of the key elements of ethics is reflective preference. Reflective choice refers to the process whereby an individual identifies a decision problem, analyzes the situation— gathering information, considering behavioral rules, and considering the consequences of alternative actions— and taking action. In short, it reflects preferential decision making. Ethical problems involve almost always projecting yourself into a future where you have to live with your decisions. The function of ethical principles and rules is not to provide a simple and sure answer to all issues, but to guide individual decisions and actions.

A person who embezzles to get revenge on his employer for perceived unfair treatment, for example, uses financial means to solve what is essentially a non-financial issue.

When assessing incentives, pressures and opportunities for fraud, the fraud risk assessment team should evaluate:
I: Opportunities for fraud resulting from a person’s position (i.e., given his or her responsibilities and authority)
II: Incentive programs and how they may affect the behavior of employees when conducting business or applying professional judgment
III: Pressures on individuals to achieve performance or other objectives and how such pressures could influence the behavior of employees
IV: Opportunities to commit fraud arising from weak internal controls, such as the lack of segregation of duties
V: Highly complex business transactions and how fraudulent acts can be concealed
VI: Opportunities for collusion (intrinsic to schemes such as bribery or kickbacks)

The Public Interest Oversight Board (PIOB) is the international independent oversight body to strengthen the International Accountants Federation (IFAC) standards for auditing, training and ethics efficiency and public interest orientation. The PIOB aims to bring greater accountability and credibility to the international audit profession through its supervisory activities. The PIOB was created through a joint initiative of the international financial regulatory community working with the IFAC to ensure that auditing and assurance, ethics and academic standards of the accounting profession are established in a consistent manner. It was widely agreed that high-quality, open standard-setting processes with public and regulatory feedback, together with regulatory supervision and oversight of the public interest, are important to enhance the quality of organizations ‘ external audits.

The workers should be trained to understand the company’s ethical standards. We should also be trained to identify possible dangerous conditions and to know how to avoid them. This preparation should be tailored to the complexity of the organization’s sector, taking into account both its external and internal risks. Education should also include a study of particularly relevant laws and regulations. Most importantly, it should not be a one-time program. It is insufficient to simply distribute a copy of the company’s compliance policy at the start of an employee’s tenure.

Representativeness refers to those groups whose interests are affected throughout the process of allocation.

It should be noted that new information technology means that opportunities for wrongdoing are increasing, and many of the techniques are not widely understood by companies or individuals.

It should be noted that the presence of a non-shareable financial problem alone will not lead an employee to commit fraud, following the Fraud Triangle Model.

Sound corporate governance practices ensure that equitable treatment and fair and appropriate consideration is given to all stakeholders (e.g., shareholders, creditors, employees, management and others). In a system where the company’s owners are separate from those who employ the owners ‘ investments to conduct business operations, an inherently lopsided balance of power exists. The corporate governance mechanisms, therefore, work to eliminate any potential prejudice towards any group. Of example, minority shareholders, including those holding only one share of the stock, will have the same rights as majority shareholders, such as institutional investors, including equal protection of those rights, and equitable remedies of breaches of those rights.

It is to be noted that besides recruiting trained, ethical workers, it is important to position employees in positions where they can succeed without having to resort to unethical behavior. Organizations should provide well-defined job descriptions and quality goals for employees.
In ensure that they do not set unrealistic standards, performance goals should be regularly updated. To ensure that workers possess the skills needed to perform their duties efficiently, education should be delivered consistently. Regular training in ethics can help employees identify potential areas of trouble and avoid compromising situations. Management should also quickly identify where there are shortcomings in the actions of an employee and work with the employee to resolve the issue.

Fraud examiners shall not report without appropriate authority the privileged information collected during a professional engagement. Confidential information is information which can not even be sought by a court; it is information which is shielded from disclosure by statute.

The auditor shall obtain written representations from the management:
I: Recognizes his responsibility for designing, implementing and maintaining internal controls to prevent and detect fraud;
II: Discloses to the auditor the results of his assessment of the risk that the financial statements may be substantially misrepresented as a result of fraud;
III: The auditor has been told of his knowledge of fraud or alleged fraud involving the agency concerned: management; staff with significant internal control roles; or others where the fraud could have a significant impact on the financial statements

Independence of attitude requires impartiality and fairness in conducting checks on fraud and in reaching conclusions and judgments that result. Fraud examiners also need to be sensitive to the appearance of independence, so that knowledgeable third parties accept conclusions and judgments as impartial. Fraud examiners who become aware of a situation or relationship that could be perceived as impairing independence, whether or not there are actual impairments, should immediately inform management and take steps to eliminate the impairment perceived, including withdrawal from the examination if necessary.

An employee who deals with individuals or organizations doing business with the company or wanting to do business with it, or who makes recommendations about such transactions, should not:
I: Act as an officer, owner, employee or consultant.
II: Own a significant interest in any of the company’s rivals, or any entity doing business with the company or trying to do so.
III: Have any other direct or indirect personal interest in any business transactions with Company
IV: Provide telecommunications or information services or equipment, either directly or as a reseller, in such a way as to impose the objectivity or integrity of the Company concerned.

Specifically, internal audit can reinforce each of the following program components in the
noted ways:
Policies and procedures, by testing whether they are:
I: Documented appropriately
II: Approved by management
III: In compliance with applicable laws and regulations
IV: Implemented effectively

It should be noted that all options are correctly stated.

I. People have free will, which they can use to elect to engage in either criminal or noncriminal behavior.
II. Criminal behavior will be more attractive if the gains are estimated to be greater than the losses.
III. The more certain, severe, and swift the reaction to crime, the more likely it is that the penalties will control the behavior.
IV. Moreover, penalties, which are too severe, serve no purpose, since they are needlessly excessive for the deterrence they seek to achieve

Cressey defined long-term violators as individuals who converted their employer’s funds, or funds belonging to their employer’s clients, by taking relatively small amounts over some time. As with independent businesspeople, the long-term violators generally preferred the rationalization of “borrowing.” Whereas the people who were in business and converted “deposits” for themselves that had been entrusted to them are the independent businesspersons.

The legislative and regulatory elements of the corporate governance framework can usefully be complemented by soft law elements based on the “comply or explain” principle, such as corporate governance codes, to allow flexibility and address individual company specificities.

It should be noted that it is important to remember which type of information to retain or destroy. It is important to remember that each organization is different; therefore, an organization may require the retention of documents not specified in this text. All types of documents produced by an organization must be initially accounted for. It includes physical and electronic records, and financial documents are never restricted. Accounting records, corporate tax records, bank records, job records, various workplace records (including in-house emails and customer correspondence) and legal records must be taken into account when constructing a DRP for a particular individual.

Internal auditors play a key role in helping organizations prevent and detect fraudulent activity. Because of their proximity to and understanding of the inner workings of the organization, internal auditors are in a unique position to uncover potential unscrupulous acts.
Standard 1210—Proficiency
Internal auditors must possess the knowledge, skills, and other competencies needed to perform their responsibilities. The internal audit activity collectively must possess or obtain the knowledge, skills, and other competencies needed to perform its responsibilities.

An essential preventive mechanism is human resource managers ‘ efforts to assess and maintain high-level morale. Human resource managers can monitor employees ‘ morale through assessment, voluntary employee surveys, an open-door policy, and other methods.
However, ensuring that staff policies and procedures are implemented fairly and equitably will boost morale and thereby reduce the risk of fraud. Following are the measures that should be kept in mind while doing so:
I: Proper management training
II: Career development opportunities
III: Special events for employees
IV: Recognition of employees for a job well done

Morality refers to the right and wrong underlying codes. But the moral hardship is that it’s relative, not absolute. For instance, while lying is generally wrong, Abel would probably argue that under the circumstances his deceptive acts are morally justified.
Ethics, by contrast, refers to the appropriateness of a morally based decision. Ethics, by contrast, refers to the appropriateness of a morally based decision. That is, ethics emphasize norms or codes of conduct that the organization to which the member belongs should expect. Consider a criminal defense lawyer who is hired to represent the stockroom employees charged with theft to illustrate the difference between morals and ethics; Although the moral code of the lawyer is likely to be found theft immoral, ethics demand that the accused be defended, even though the lawyer knows the individuals are guilty. Accordingly, the ethics override the lawyer’s morals that find theft immoral.

Other elements that could be analyzed on a statistical basis include:
Receiving reports
Perpetual inventory records
Requests for raw materials
Shipping documents
Cost sheets

A standard, comprehensive population of fraud schemes, such as the ACFE Occupational Fraud Classification System, is used to calculate the Prevent / Detect Index to evaluate each scheme that applies to the business and to determine which schemes are the high-risk schemes the organization should focus on. For those fraud schemes applicable to the company and assessment of each scheme should be performed to identify:
I: The likelihood of the scheme being perpetrated
II: The significance of the risk of fraud for Company
III: Whether preventive or detective internal controls are in place to moderate the risk to a sufficient level

It is found that people weigh the advantages and disadvantages of compliance with the law according to the instrumental perspective and act accordingly. In other words, because they fear punishment for non-compliance, they choose to obey the law. A person who exemplifies the instrumental perspective may exceed the speed limit, believing that the benefit of saved time outweighs the speeding ticket. These types of individuals are unlikely to rob a bank, though, considering that success is doubtful and the penalty is steep.

It is found that when these two types of offenders are contrasted, there are surprising contrasts: I: nearly 97 percent of the antitrust offenders had been regularly working in the years preceding their offense, while only about 60 percent of the securities offenders had continuously held a job.
II: The antitrusters had a median ratio of $200,000 (assets) to $40,000 (liabilities) in assets to liabilities; the securities criminals kept a median of $57,500 in assets with $54,000 in liabilities;
III: Antitrust violators were more likely than securities criminals to own their own home (73.5 percent vs. 58.2 percent) and to be married (95.7 percent vs. 80.7 percent).
The fourth option is the contrast between the tax funds and bribery.

Control is the process that time-wise tests the efficacy of a monitoring system. This dimension should include both ongoing, automated evaluations and separate periodic evaluations, the results of which should be evaluated against predefined parameters. The framework principles that underpin this component are:
1. The company selects, establishes, and performs ongoing and/or similar assessments to determine if the internal control mechanisms are present and working.
2. The company assesses internal control failures and communicates them to the parties responsible for prompt corrective action.

Auditor supervision— whether a compulsory external review of the efficiency and quality of the independent audit process is achieved through a regulatory body or some other mechanism. The audit activity is regulated specifically by some jurisdictions. Besides, as a result of several major financial scans, several other jurisdictions have or are considering changing their policies in this area.

It is important to note that an anonymous reporting network, such as an ethics hotline, is an integral part of a fraud control system. Employees need to be made aware of the nature of the reporting system, know how to use it and have confidence that they can report suspicious activity anonymously or in confidence (where permitted by law) without fear of reprisal. It should be obvious to the employee’s hat reports of suspicious activity will be evaluated promptly and thoroughly.
In educating employees about the reporting program, it should be specifically emphasized
that:
I: Fraud, waste, and abuse occur in nearly all companies.
II: Such conduct costs the company jobs and profits.
III: The company actively encourages any employee with information to come forward.
IV: The employee can come forward and provide information anonymously and without fear of retaliation for good-faith reporting.
V: There is an exact method for reporting an incident (e.g., a telephone number or online
form).
VI: The report need not be made to one’s immediate superiors.

The deterrent is found to be designed as a crime control tool to detect law breaches, determine who is responsible, and penalize offenders for dissuading further violations. Deterrence strategies attempt to control the immediate actions of offenders, not long-term compliance-targeted behavior. The deterrence theory assumes people are rational in their behavioral patterns. It implies that a person’s tendency to violate laws is inversely proportional to the perceived risk of negative impacts.

The following individuals and groups may have key roles in ensuring successful risk management of fraud, depending on the size and complexity of the company: Executive Management, Audit Committee, Enforcement Committee, Manager Department, Internal Audit, IT, Safety, Legal Department and Human Resources

To ensure that the Fraud Risk Management Program is effective in both operation and design, those responsible for governing In particular, the board of directors must take into account the true and real risks of fraud in the organization, as well as its potential impact, and must fully embrace it with and oversee the organization.
I: Setting the appropriate tone and realistic expectations of management to implement an anti-fraud culture
II: Understanding of fraud risks throughout the organization
III: Developing a strategy to identify and mitigate fraud risks following the organization’s risk appetite and strategic plans

Responding to suspected fraud occurrences includes:
I: Investigating the allegation to determine the party or parties responsible, the means of the infraction, and the extent of the resulting damage
II: Punishing the perpetrator, whether through employment sanctions or legal action
III: Remediating the control weaknesses that allowed the fraud to be undertaken
IV: Rebuilding stakeholders’ confidence in the organization

The company should have a clear view of both the areas where the enterprise is vulnerable to fraud and the safeguards designed and implemented to resolve such weak spots at the end of a fraud risk assessment. The management should use the results of the fraud risk assessment to monitor the performance of critical internal controls to effectively manage the identified fraud risks. Such proactive attention will allow for the identification and correction of deficiencies in control design or operation as quickly as possible

It is found that the auditor will determine overall responses following ISA 330 (Redrafted) to address the assessed risks of material misstatement due to fraud at the financial statement level. In doing so, the auditor shall:
I: assign and supervise staff, taking into account the individuals ‘ knowledge, skills and ability to be given significant responsibility for engagement
II: Assess whether an entity’s selection and implementation of accounting policies, particularly those relating to subjective metrics and complex transactions, may be indicative of fraudulent financial reporting resulting from management’s efforts to control earnings
III: introduce an element of unpredictability in the type, duration, and context of audit procedures, such as using various sampling methods or conducting procedures on an unannounced basis at different locations or places.

In 1985 the National Commission on Fraudulent Financial Reporting (commonly known as the Treadway Commission) was formed to describe the duty of the auditor to prevent and detect fraud. In 1987, the Treadway Commission recommended that the five specialist accounting societies that finance the commission would work together to direct organizations ‘ internal controls. The Committee of Sponsoring Organizations (COSO) was set up to review the Treadway Commission’s report and in 1992 COSO published its Internal Control-Integrated Program.

It should be noted that there have also been other rationalizations of long-term violators, but they have almost always been used in conjunction with the “borrowing” theme:
I: They have been mischievous in saving their families from humiliation, embarrassment or poverty;
II: Theirs was a “necessity” case; their employers have deceived them financially
III: Their bosses were deceptive and entitled to be defrauded towards others. .Some have even pointed out that returning the funds was more complicated than stealing them first.

It should be noted that shareholders should be able to vote in person or absentia and equal effect should be given to votes cast in person or absentia.

Fraudulent financial reporting may be achieved by:
Manipulation, falsification (including forgery) or alteration of accounting records or supporting documentation from which the financial statements are prepared ·
Misrepresentation or deliberate omission from the financial statements of activities, transactions or other significant details.
Intentional misapplication of accounting principles relating to amounts, classification, manner of presentation, or disclosure.

An organization’s fight against fraud requires the combined efforts of many different departments including internal audit. Internal auditors assist in fraud prevention and detection by assessing the adequacy and effectiveness of internal controls, assisting management in establishing effective measures for fraud prevention, proactively auditing fraud and investigating suspected fraud.
Specifically, the Practice Guide notes that, in carrying out audit obligations, the internal auditor should: determine whether management is adequately responsible for managing the Fraud Risk Management Program, whether timely and effective corrective action has been taken concerning any recorded failures or deficiencies, and whether the program monitoring plan remains adequate for this purpose.

Anti-fraud legislation should include specific examples of fraud, to avoid being overly broad and thus difficult to enforce. The complexity of an organization’s fraud could range from internal cash theft in small amounts to a million-million-dollar third-party billing scheme.
Examples of fraudulent infractions include:
I: Personal use of business resources (e.g. office supplies, company vehicles, cell phones, computers)
II: stealing company properties (e.g. cash, receivables, inventory)
III: inflating recorded hours worked
IV: forging or modifying checks and other documents
V: disclosure to rivals of confidential information
VI: accepting bribes from suppliers or consumers or charging them bribes
VII: engaging in transactions in which the employee has an open conflict of interest

It is notable that the hotlines were a very successful news tool. However, some hotline calls do not result in fraud cases. Spurious concerns can be effectively eradicated by diligent call monitoring and proper handling. There are two main types of hotlines: Parttime In-house: It should be remembered that the hotlines were a very powerful news tool.
Depending on the size of the company, a full-time in-house hotline may be feasible. The downside is that at any moment, day or night, people can make reports and speak to an official. The drawback is expense, and some people may be reluctant to report directly to the company, as the part-time line.

The section highlights the moral, ethical, and legal issues facing fraud reviewers. These issues involve moral philosophy principles, ethical rules, legal considerations, values, and, above all, the issue of distinguishing between right and wrong. Morality refers to the underlying codes of right and wrong. But the moral hardship is that it’s relative, not absolute.
For example, while lying is generally wrong, Abel would probably argue that his deceitful acts are morally justified in the circumstances.

It is to be noted that The Culture Quotient is an assessment of how the organization and its people behave or are perceived to behave.

The audit committee, as a sub-group of the board of directors, is often assigned oversight of the financial, accounting and audit matters of the company. As part of that responsibility, the committee must play an active role in overseeing the assessment and monitoring of the fraud risks of the organization. This relates to:
I: regular meetings with key internal parties (e.g., Chief Audit Executive or other senior financial persons) to discuss identified fraud risks and fraud prevention and detection steps
II: understanding how internal and external audit strategies address fraud risk
III: providing external auditors with evidence that the audit committee is dedicated to effective fraud risk management.
IV: engaging in open discussions with external auditors concerning any known or suspected fraud
V: receiving regular reports on the status of alleged or reported fraud

Management can mitigate the risk by taking appropriate countermeasures, such as prevention and detection controls. The fraud risk assessment team must evaluate each countermeasure to decide whether it is cost-effective and appropriate, given the likelihood of occurrence and consequences of failure.

It is to be found that keeping inside the organization the ideas and agendas of the coming projects should stay. Each employee has to maintain the company’s confidentiality as its priority.

According to INTOSAI, several different documents integrate the extensive ISSAI structure with the following hierarchy
I: the Code of Ethics is also a critical component of this section of the framework. The declaration of values and principles that govern the auditors’ daily work forms the preconditions for the supreme audit institutions to operate. One of the principles outlined in the Code of Ethics is the obligation of the auditor to apply generally agreed auditing standards.
II: The Principles of Fundamental Auditing at the next level contain the postulates and principles for the conduct of audit work. The standards include basic principles and criteria for auditing commitments in the public, financial, performance and compliance sectors
III: Auditing Guidelines, which is the fourth standard, offer practical assistance to SAIs in their constituents’ application of the Standards.

In 1985 the National Commission on Fraudulent Financial Reporting (commonly known as the Treadway Commission) was established to define the responsibility of the auditor to prevent and detect fraud. In 1987, the Treadway Commission recommended that the five professional accounting societies that finance the commission would work together to direct organizations ‘ internal controls. The Committee of Sponsoring Organizations (COSO) was created to review the Treadway Commission report, and in 1992 COSO published its Internal Control-Integrated Program.

The OECD Corporate Governance Principles are seen as one of the key sources of guidelines for organizations around the world on corporate governance practices. According to the OECD, the Principles are intended to assist policymakers in reviewing and developing the legal, regulatory and institutional framework for corporate governance to achieve sustainable economic performance. These principles have indeed been used by policymakers in many countries as a basis for legislative and regulatory corporate governance initiatives.

It should be noted that in the Albrecht study, the methodology of the study involved obtaining demographic and background information on fraud by using extensive questionnaires. The survey participants were internal auditors of companies that had experienced fraud. Such variables fall into two main categories: the trait of the individual and organizational characteristics.

It should be noted that organizations can also be criminogenic since they promote loyalty. The reasons for this, according to Diane Vaughan, are: The organization tends to recruit and attract similar people.
Rewards are given to those who exhibit “company man” characteristics.
Through company retirement and benefits, long-term loyalty is encouraged.
Loyalty is fostered by social interaction, including corporate parties and social events.
Specialized job skills can discourage staff from looking elsewhere for a job.

It is found that the fourth point of Sutherland indicates that the process of criminal learning includes not only crime committing techniques but also the shaping of motives, drives, rationalizations and attitudes. Crime tactics also involve a high degree of skill; it requires considerable adroitness to pickpockets (and not get caught).

An affirmation process is a requirement for directors, employees, and contractors to state explicitly (usually by electronic or manual signature) that they have read, understood and complied with the organization’s code of conduct, fraud control policy, and other such documentation supporting the fraud risk management program. To determine if an affirmation process should be implemented, management must weigh any potential legal issues involved with having such a process with the increased fraud risk of not having one.
If an affirmation process is enacted, consistent sanctions should be introduced for individuals who refuse to sign on the acknowledgment. Besides, the affirmation process may include requiring individuals to recognize having a fiduciary duty to report any known instances of fraud.

Management can assume the risk if it decides that there is low probability of occurrence and impact of loss. Management may conclude that accepting the risk is more cost-effective than eliminating the asset or halting the operation, obtaining risk-shifting insurance or introducing countermeasures to mitigate the risk.

It should be noted that all cash and bank account transactions have to be handled to avoid any im-property question or suspicion. All cash transactions must be logged in the company’s bank books.
All company funds accounts, except for approved print funds, are set up and managed on behalf of the company or one of its subsidiaries, and may only be opened or closed by the board of directors of the company. Imprest funds must be kept in the custodian’s name, and the custodian is entirely responsible for these funds.
No funds shall be held in the form of cash, except for approved small cash, and no organization shall hold an anonymous (numbered) account at any bank.

It is found that following ISA 330 (Redrafted), the auditor shall determine overall responses to address the assessed risks of material misstatement due to fraud at the financial statement level. In doing so, the auditor shall:
I: Assign and supervise personnel, taking account of the knowledge, skill, and ability of the individuals to be given significant engagement responsibilities and the auditor’s assessment of the risks of material misstatement due to fraud for the engagement; this might include assigning additional individuals with specialized skill and knowledge, such as forensic and IT specialists, or assigning more experienced individuals to the engagement.
II: Evaluate whether the selection and application of accounting policies by the entity, particularly those related to subjective measurements and complex transactions, may be indicative of fraudulent financial reporting resulting from management’s effort to manage earnings
III: Incorporate an element of unpredictability in the choice of the type, duration, and context of audit procedures, such as using various sampling methods or conducting procedures on an unannounced basis at different locations or places.

An employee’s actions are usually taken into account in the sense and nature of jobs where the employee has real authority or apparent authority to engage in such activities. Apparent authority means a third party may reasonably believe that the employee is entitled to act on behalf of the company.

The ACFE published the latest Workplace Fraud and Abuse Report to the Nations, which was intended to provide insight into the enormous and largely unknown costs placed on organizations by workplace fraud. The main report’s stated objectives were:
I: To summarize the experts ‘ views on the percentage and amount of organizational income lost to all forms of employment
II: Examine the characteristics of those workers who commit job fraud and abuse.
III: Determine the categories of companies that are the perpetrators of job fraud and abuse.
IV: Categorize the seriousness of fraud and abuse.

Criminologist Charles McCaghy says profit pressure is “the most convincing cause behind market deviance, whether it is price-fixing, the disruption of competition, or the misrepresentation of a product” such as making a product of poor quality that will wear out and need replacement.

Commitment refers to factors related to the cost of criminal activity. People are committed to conventional behaviour, and they have probably invested something— fiscally and emotionally— in their ultimate success— an investment they are cautious about risking through criminal act. Commitment could include things like getting a better job or seeing one’s kids succeed.

Once all of the questions have been answered, the fraud specialist will review the evaluation results with the client or employer to identify the potential underlying fraud risks. Evaluate the people and organizations most likely to commit fraud, and identify the methods they are likely to use. Identify and map existing safeguards against preventive and detective risks. Assess the efficacy and performance of the results of controls. Identify and determine the residual risk of fraud that arises from insufficient or inexistent controls.

Management has a thorough knowledge of day-to-day business operations; responsibility for the evaluation of business risks and the implementation of organizational controls; authority to adjust operations; effect on the organization’s culture and ethical environment; and influence over the company’s resources (e.g. staff and systems).
In contrast, auditors are specialized in risk recognition and assessment and have experience in internal control management, which is essential to the fraud risk assessment process.

It is found that fraud prevention requires a set of policies and procedures to mitigate the risk of fraud while the likelihood of detecting any fraudulent activity that may occur increases . The opportunity most often caught would unquestionably convince criminals not to commit fraud. This theory gives rise to an in-depth control system

As mentioned in this description, internal controls should be designed to help management meet the following three goal categories. The objective of compliance is the one that pertains to the adherence of the organization to the laws and the regulations to which it is subject.

The system includes two independent boards— an executive/management board and a supervisory board — with no permitted shared membership between the two. The board of directors comprises company executives and other non-independent directors; this board is responsible for daily business operations. In contrast, the monitoring function is performed by the supervisory board, which consists solely of independent directors; it oversees the performance and execution of company policy by the management.

It should be noted that three strategies follow among efforts to control corporate crime: a gradual shift in corporate behavior and structure. The following actions must be taken in the voluntary change to develop stronger business ethics and certain corporate organizational reforms; government controls may involve larger and larger corporate chartering, stiffer penalties, wider use of publicity as a sanction, and possibly the nationalization of corporations.

It is to be noted that white-collar crime can be committed under the following conditions:
I: A corporate manager who has been promoted from within the corporation with only a ninth-grade education and who doesn’t own his home using his position in the company will perpetrate the crime.
II: Unemployed young people who need money may turn to armed robbery or burglary
III: For their part, the bank president or company chief executive may deal with a personal cash shortage through a range of illegal tactics that can commit the crime that is related to their business.

The board of directors and senior management must demonstrate the commitment to deter, recognize and constructively address the fraud. Such correspondence can be made as part of the company’s written statement of values and principles, as part of the code of conduct, or as part of a separate short document, like a letter to all employees, suppliers, and customers.
I: They will support or send a senior executive or board member.
II: Be offered to staff as part of the induction method, and be periodically re-issued.
III: Stressing the importance of mitigating fraud threats.
IV: Recognize the susceptibility of the organization to fraud
V: Establish the responsibility for supporting fraud risk management efforts by each individual within the organization.
VI: Strengthen the “no tolerance” attitude of management regarding fraudulent behavior.

Deterrence is intended as a crime control strategy to detect violations of the law, determine who is responsible and penalize offenders for deterring future violations. Deterrence systems try to control people’s immediate behavior, not the long-term behaviors that are targeted by compliance systems.
The theory of deterrence assumes human beings are rational in their patterns of behavior. This assumes that the tendency of a person towards lawbreaking is in inverse proportion to the perceived probability of negative consequences.

An affirmation mechanism is an obligation for administrators, staff, and contractors to state clearly (usually by electronic or manual signature) that they have read, understood, and complied with the organization’s code of conduct, fraud control policy, and other such documents supporting the fraud risk management program.
Ways to Extend the affirmation process for further fraud protection include:
I: Incorporating terms in contracts that require vendors to agree to abide by the organization’s code of conduct
II: Requiring senior management to sign a code of conduct specific to higher-level employees
III: Requiring vendors to sign separate agreements on specific topics, such as confidentiality or use of company technologies
Establishing the responsibility of each person within the organization to support fraud risk management efforts comes under the statement of commitment.

It is to be noted that background check is one of the most important steps in the prevention of employee fraud. That corporation must determine whether it is worth returning the time and expense of such background checks. It’s always a good practice, but employers should at least check the history of any worker who has regular access to cash, checks, credit card numbers, or any other things that are easily stolen. Existing employees who are being promoted or transferred to positions that include access to sensitive or valuable company resources should also be subject to background checks. Even if at the time of hiring such a search is carried out on the worker, an updated background check should be carried out to detect any significant changes or events that occurred during the lifetime of the person.

There should be a mechanism to require auditors to be subject to the discipline of an auditor’s supervisory body that is independent of the audit profession or to be supervised by an independent body if a professional body acts as the supervisory body. Such an auditor supervisory body should function in the public interest and have adequate membership, an adequate charter of obligations and rights, and adequate funding not under the control of the auditing profession to fulfill such duties.
Most importantly, this oversight process can be conducted in conjunction with similar quality assurance mechanisms in place within the audit industry, ensuring that the oversight body retains control over critical issues such as the nature of reviews, access, and preservation of audit work papers and other information required in reviews, and monitoring of the review results.

Misappropriation of assets can be accomplished in a variety of ways, including embezzling receipts (for example, misappropriating collections on receivable accounts or diverting receipts on written accounts to personal bank accounts) Stealing of physical assets or intellectual property (for example, stealing inventories for personal use or sale, stealing scrap for resale or colluding. Stealing physical assets or intellectual property (for example, stealing inventory for personal use or sale, stealing scrap for resale, or colluding with a competitor by disclosing technological data in return for payment)
Causing an entity to pay for goods and services not received (for example, payments to fictitious vendors, kickbacks paid by vendors to the entity’s purchasing agents in return for inflating prices, or payments to fictitious employees)
Using an entity’s assets for personal use (for example, using the entity’s assets as collateral for a personal loan or a loan to a related party)

It should be noted that institutional investors acting as trustees must report how they handle material conflicts of interest that can influence the exercise of crucial ownership rights regarding their investments.

The most important conclusion to draw from the Cressey study was that it took all three elements— perceived non-shareable financial issues, perceived opportunity, and the ability to rationalize — for the breach of trust to happen. The three events constitute the conditions under which breach of trust takes place and the term cause may be applied to their circumstances as a breach of trust is dependent on that conjuncture. Whenever the conjuncture of events occurs, trust violation results, and if the conjuncture does not take place there is no trust violation.

It should be noted that corporate breaches are becoming increasingly difficult to successfully detect, investigate or prosecute because of their increasing complexity and intricacy. Also, corporate breaches are becoming increasingly difficult to discover, investigate or prosecute effectively due to their increasing complexity and complicity. Similarly, certain companies pay their executives bonuses, with the understanding that part of that reward will be turned over to the coffers of a candidate who the corporation favors.

Information is material if knowledge of such information could reasonably be expected to influence decisions taken by a client or employer based on a report from a fraud examiner. Materiality is accordingly a user-oriented concept. Therefore, an item of information that would alter a user’s views and expectations if removed from a report is content. The perceptions and conclusions of the user are material.
Fraud examiners should not consider what they think is important and material when determining what information is material; instead, they should try to decide what users will consider important and material. Betrayal examiners must, therefore, project a decision-making process on users.