CFE Exam Quiz 22

It is to be found that keeping the ideas and agendas of the upcoming projects should remain inside the organization. it is the duty of every working employee to keep the confidentiality of the company the first priority.

It is to be noted that it is necessary to handle all cash and bank account transactions to avoid any question or suspicion of im-property. All cash transactions have to be registered in the bank books of the company.
All company funds accounts, with the exception of authorized imprest funds, shall be established and maintained on behalf of the company or one of its subsidiaries and may only be opened or closed by the board of directors of the company. Imprest funds must be kept in the custodian’s name, and the custodian is entirely responsible for these funds.
No funds shall be held in the form of cash, except for approved small cash, and no organization shall hold an anonymous (numbered) account at any bank.

It is always necessary to comply with prescribed accounting procedures. Employees with control over corporate assets and transactions are expected to handle them with the utmost integrity and ensure that all transactions are carried out by the authorization of the management. All payments are reported correctly and reasonably in the accounting records of the company.
It is illegal to record or use fictitious sales, transactions, products, loans, companies or other financial arrangements.

It is found that the risks of fraud that should be kept in mind is the mere aim of controlling these risks is to significantly reduce the inherent risk compared to the residual risk.

The types of threats posed by a company are directly related to the nature of the business it is engaged in. For example, the inherent risks of fraud faced by hospitals and medical practices differ widely from those faced by banks and financial institutions, building companies, educational institutions or retail organizations.

A good system of internal controls, with the right balance of preventive and detective controls, can greatly reduce an organization’s vulnerability to fraud. Preventive controls are those manual or automatic processes that avoid something unpleasant before it occurs. Detective controls can also be manual or automated, but they are designed to identify a bad thing that has already happened. No internal control system can fully eliminate the risk of fraud, but well-designed and efficient internal controls can be deterred.

It is to be noted that while performing a fraud risk assessment provides management with the opportunity to review the company’s internal control system for effectiveness, taking into account all the following examples,
I: Controls that might have been eliminated due to restructuring efforts (e.g., elimination of separation of duties due to downsizing)
II: Inherent limitations of internal controls, including opportunities for those responsible for control to commit and conceal fraud (e.g., through management and system overrides)
III: Nonperformance of control procedures (e.g., control procedures compromised for the sake of expediency)

Management has in-depth knowledge of day-to-day business operations; responsibility for evaluating business risks and applying operational controls; authority to change operations; impact on the culture and ethical environment of the organization; and power over the resources of the company (e.g., personnel and systems). Conversely, auditors are specialized in risk recognition and evaluation and have experience in internal control management, which is essential to the process of fraud risk assessment.

Having the right sponsor for a fraud risk assessment is extremely important in ensuring its success and effectiveness. The sponsor must be senior enough in the organization to command the employees’ respect and elicit full cooperation in the process. The sponsor also must be someone who is committed to learning the truth about where the company’s fraud vulnerabilities are; he must be a truth seeker—not someone who is prone to rationalization or denial. In the ideal situation, the sponsor would be an independent board director or audit committee member; however, a chief executive officer or other internal senior leader can be equally as effective.

It is to be noted that the following statements regarding the fraud risk assessment are considered to be the practices that should be carried out in the organizations to decrease the chances of risks
I: Identify where the company is most vulnerable to fraud and what practices put it at the highest risk.
II: Just who poses the greatest risk to the organization.
III: Build strategies to reduce the danger of fraud.
IV: Developing methods to investigate and assess if there has been abuse in high-risk areas.

It is noticeable since no fraud risk management can completely erase the percentage of fraud, some of the risks will always remain. Trying to eliminate the degree of fraud fully, the organizations use the management of risk appetite.
Risk appetite can be measured and expressed either qualitatively—low, medium, or high, for example—or quantitatively, using a numeric scale.
Risk appetite can also be broken down into specific types or sources of fraud, which allows for the prioritization of fraud risk management strategies based on the assessed components.
Whatever means of measuring risk appetite that management chooses to use, the results should be a continuous focus on developing an effective fraud risk management strategy.

It is found that the deterrence is structured as a crime control technique to identify violations of the law, assess who is responsible, and penalize criminals for dissuading further violations. Deterrence programs attempt to control individuals ‘ immediate behavior, not compliance-targeted long-term behavior.
The theory of deterrence assumes that people are rational in their patterns of behavior. It implies that the tendency of a person to violate laws is in inverse proportion to the perceived risk of negative consequences.

The specific components of the fraud risk management program must be designed, taking into consideration the organization’s culture, operating environment, and specific risks, as well as management’s defined program objectives and risk appetite. Individuals with adequate knowledge of both fraud risk management techniques in general and the unique risks and operations of the organization should design the system components.
There is no way that a person with inadequate knowledge of the programs, perform it.
Components of the customized fraud risk management program will generally include:
I: Initiatives to increase the anti-fraud culture and tone of the organization
II: Fraud prevention controls
III: Fraud detection controls
IV: Formalized policies, processes, and procedures for investigating and responding to known instances of fraud

It is found that the purpose and expectations of the fraud risk management program must be communicated, both formally and informally, to employees at all levels throughout the organization. Employees who are told to perform a certain task a certain way will likely not understand the full impact of the anti-fraud control if they are not educated about how that task helps protect the organization from being defrauded. Additionally, employees must be informed about their responsibility to report suspected fraud and be empowered with the means and confidence to do so without concern for retaliation.
The fraud risk management program must include mechanisms specifically designed to monitor, identify, and address breaches in compliance is a part of the objectives of the company regarding the insurance of compliance.

An affirmation process is the requirement for directors, employees, and contractors to explicitly affirm (typically via electronic or manual signature) that they have read, understood, and complied with the organization’s code of conduct, fraud control policy, and other such documentation that supports the fraud risk management program.
Ways to Extend the affirmation process for further fraud protection include:
I: Incorporating terms in contracts that require vendors to agree to abide by the organization’s code of conduct
II: Requiring senior management to sign a code of conduct specific to higher-level employees
III: Requiring vendors to sign separate agreements on specific topics, such as confidentiality or use of company technologies
Establishing the responsibility of each person within the organization to support fraud risk management efforts comes under the statement of commitment.

Fraud is more commonly identified by tips than through any other means. As a result, a fraud risk management program must include mechanisms to receive allegations of fraud from employees and other parties to be fully effective.
The organization’s reporting policies and procedures should:
I: Be thoroughly and openly communicated to employees, customers, and vendors.
II: Set the expectation that suspected fraud should be immediately reported.
III: Clearly define and communicate the channels to use to make such reports (e.g., a hotline, ombudsman, or specific page on the organization’s website).
IV: Provide explicit support and protection for whistleblowers.

It should be noted that there have also been other rationalizations of long-term violators, but they have almost always been used in connection with the “borrowing” theme:
I: they have been mischievous in keeping their families from shame, disgrace or poverty;
II: there was a case of “need;” their employers have cheated them financially;
III: their employers were dishonest toward others and deserved to be defrauded. .Some even pointed out that it was more difficult to return the funds than to steal them in the first place.

Ethics is concerned with what is right and wrong. In A Critical Introduction to Ethics, Philip Wheelwright defined ethics as:
[The] branch of philosophy which is the systematic study of reflective choice, of the standards of right and wrong by which it is to be guided, and of the goods toward which it may ultimately be directed.
This definition contains three key elements:
I: Ethics involves questions requiring reflective choice (decision problems).
II: Ethics involves guides of right and wrong (moral principles).
III: Ethics is concerned with values (goods) inherent in ethical decisions.

Reflective preference is one of the key elements of ethics. Reflective choice refers to the process by which an individual identifies a problem of decision, analyzes the situation— gathering information, considering behavioral rules, and thinking about the consequences of alternative actions— and taking action. In short, decision making represents0 preference.
Ethical problems almost always involve projecting yourself in a future in which you have to live with your decisions.
The functions of ethical principles and rules is not to provide a simple and sure answer to all problems, but to provide some guidelines for individual decisions and actions.

It should be noted that shareholders should be able to vote in person or absentia, and votes cast in person or absentia should have equal effect.

The section illustrates the moral, ethical, and legal issues facing fraud examiners. These issues involve principles of moral philosophy, rules of ethics, legal considerations, values, and—above all—the problem of distinguishing right from wrong. Morality refers to the underlying codes of right and wrong. But the difficulty with morality is that it is relative, not absolute. For example, although lying generally is wrong, Abel would likely argue that his deceptive acts are morally justified under the circumstances.

Morality refers to the underlying codes of right and wrong. But the difficulty with morality is that it is relative, not absolute. For example, although lying generally is wrong, Abel would likely argue that his deceptive acts are morally justified under the circumstances.
In contrast, ethics refers to the appropriateness of a decision in light of morality. That is, ethics stress standards or codes of behavior expected by the group to which the individual belongs. To illustrate the difference between morals and ethics, consider a criminal defense lawyer who is hired to represent the stockroom employees charged with theft. Though the lawyer’s moral code likely finds theft immoral, ethics demand that the accused be defended, even though the lawyer knows the individuals are guilty. Accordingly, the ethics override the lawyer’s personal morals that find theft immoral.

INTERNATIONAL COOPERATION
In the case of companies operating or classified on a cross-border basis, IOSCO members are encouraged to provide each other, whether directly or through collaboration with the auditor supervisory authority in their jurisdiction, with the fullest possible assistance in the review or investigation of matters where irregular auditing may have occurred and in any other matter relating to the auditor.

It is to be noted that people frequently refer to professions, professional men and women, and professional activities without defining the meaning of the concept “professionalism.” Some fraud examiners say, “I might not know how to define it, but I know it when I see it.”
Five principal characteristics help differentiate professional fields from other vocations. The five characteristics are as follows:
I: A body of specialized knowledge acquired by formal education
II: Admission to the profession governed by standards of professional qualifications
III: Recognition and acceptance by society of professional status, and concurrent recognition and acceptance of social responsibility by the professional
IV: Standards of conduct governing relationships of the professional with clients, colleagues, and the public
V: An organization devoted to the advancement of the obligations of the professional group

The National Commission on Fraudulent Financial Reporting (commonly known as the Treadway Commission) was set up in 1985 to define the auditor’s responsibility to prevent and detect fraud. The Treadway Commission proposed in 1987 that the five professional accounting associations funding the commission work together to guide the internal controls of organizations. The Sponsoring Organizations Committee (COSO) was formed to review the recommendation of the Treadway Commission and COSO released its Internal Control-Integrated System in 1992.

Objectivity refers to the ability to conduct fraud examinations without being influenced by one’s own personal feelings or the feelings and motives of others. To ensure objectivity in performing examinations, fraud examiners must maintain an independent mental attitude, reach judgments on examination matters without undue influence from others, and avoid being placed in positions where they would be unable to work in an objective professional manner. All possible conflicts of interest should be disclosed.

A reward, such as a cash payment, can provide an incentive for employees to report wrongdoing. Strict criteria should exist for the payment of rewards, and any proposed policies should be reviewed and approved by legal counsel. Additionally, to help prevent anyone from taking advantage of the incentive program by filing false reports, it must be made clear that rewards are given only if an investigation reveals that an actual act of fraud or misconduct did occur. The appropriate incentive depends on the organization, the whistleblower, and the allegations reported. Some organizations provide monetary rewards. In addition to or instead of cash payments, employees who provide information on wrongdoing can be rewarded with public recognition (if they wish), lunch with the CEO, or some other non-monetary incentive that focuses on the qualitative value of reporting and highlights management’s support of and encouragement for individuals to come forward with tips.

Independence of attitude requires impartiality and fairness in conducting fraud examinations and in reaching resulting conclusions and judgments. Fraud examiners must also be sensitive to the appearance of independence so that conclusions and judgments will be accepted as impartial by knowledgeable third parties. Fraud examiners who become aware of a situation or relationship that could be perceived to impair independence, whether or not actual impairments exist, should inform management immediately and take steps to eliminate the perceived impairment, including withdrawing from the examination if necessary.

Libel and slander can cause personal injury and subject a fraud examiner to a lawsuit for damages. Libel is written defamation of someone else’s character. Slander is a spoken defamation. The content of a libelous or slanderous message must:
I: Contain words that injure another person’s character or reputation or hold him up to ridicule.
II: Be communicated orally or in writing to other people.
III: Cause actual damage to the person who is the subject of the communication.
The risks involved in libel and slander are reasons for having the rule in the ACFE Code of Professional Ethics that prohibits the expression of opinions on the guilt or innocence of people.

Deciding if a conflict or a community of interests exists depends on the facts of each particular situation; however, the following are some general rules concerning conflicts of interest:
A fraud examiner employed full time by a company should not engage in other jobs that create a hardship or loss to the employer.
A fraud examiner should not be a “double agent” employed by one company but retained by another company or person to infiltrate the employer and transmit inside information (unless, of course, the employing company agrees to the arrangement in order to apprehend other parties employed by the company).
A fraud examiner should not accept engagements from both sides to a controversy—just like lawyers are prohibited from representing both parties in a transaction, lawsuit, or trial.