Fraud Risk Assessment E-Book

Contents

Title

Copyright

Preface

About the Author

Acknowledgments

Chapter 1: Fraud Theory

Building Fraud Theory into the Audit Process

ATM : Awareness, Theory, Methodology

The Fraud Audit

Chapter 2: The Fraud Audit

The Audit Response

Chapter 3: Organizational Fraud Risk Assessment

Fraud Risk Mitigation Decisions

Enterprise-Wide Risk Assessment

Business Process Fraud Risk Assessment

Chapter 4: Fraud Penetration Risk Assessment

Fraud Risk at the Mega-Risk Level

Building the Fraud Audit Program at the Mega-Risk Level

Chapter 5: Fraud Data Mining

Applying Fraud Theory

The Fraud Data Analysis Plan

Chapter 6: Fraud in Expenditure

Formation of Front Companies

Synopsis of Fraud Schemes

Chapter 7: Contract Fraud

Contract Fraud Audit Plan Steps

Synopsis of Contract Fraud Schemes

Chapter 8: Bribery

Understanding the Legal Terms

Audit Elements

Audit Objectives

Chapter 9: Travel Expenses

The Rationale for Travel Expense Fraud

Travel Expense Concealment Strategies

Who Commits Travel Expense Fraud

The Red Flags of Travel Expense Fraud

Travel Expense Fraud Schemes

Chapter 10: Payroll Fraud Schemes

Ghost Employees

Overtime Reporting Fraud

Fraud Opportunities in the Payroll Office

Chapter 11: Revenue Fraud

Embezzlement of Cash Receipts

Other Embezzlement Schemes

Chapter 12: Asset Fraud Schemes

Theft of Assets

Other Asset Fraud Schemes

Chapter 13: Fraud Control Theory

Antifraud Programs

Fraud Control and Coso

Identified Fraud Risk Control Strategy

Chapter 14: Fraud Audit Report

Suspicious Transaction

Fraud Audit Report

Considerations for Fraud Audit Reports

Sample Fraud Audit Report

Chapter 15: Fraud Investigation for the Auditor

The Differences Between Audit and Investigation

Organization Policies for Responding to Fraud

Framework for Preparing an Investigation Plan

Develop the Preliminary Fraud Theory

Index

Copyright © 2008 by John Wiley & Sons, Inc. All rights reserved. Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400, fax 978-646-8600, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, 201-748-6011, fax 201-748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services, or technical support, please contact our Customer Care Department within the United States at 800-762-2974, outside the United States at 317-572-3993 or fax 317-572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

For more information about Wiley products, visit our Web site at http://www.wiley.com.

Library of Congress Cataloging-in-Publication Data

Vona, Leonard W., 1955-

Fraud risk assessment : building a fraud audit program / Leonard W. Vona.

p. cm.

Includes index.

ISBN 978-0-470-12945-6 (cloth)

1. Auditing. 2. Forensic accounting. 3. Fraud—Prevention. I. Title.

HF5667.V66 2008

658.4′73—dc22

2007049354

Preface

People commit fraud. Therefore, corporations, not-for-profit organizations, business systems, personal computers, and cell phones do not. This distinction is simple, but an important one to note. Fraud investigation from the accounting perspective naturally arose from the investigative tenets of auditing. Unfortunately, auditing standards, although requesting that auditors look for fraud, do not provide a way to adapt the existing audit tools to detect fraud. After spending more than thirty years performing diversified auditing and forensic accounting, I have developed a fraud audit theory, the principles of which will assist auditors in what traditionally has been one of their most nebulous responsibilities.

My theory includes the steps of a proactive approach in responding to fraud risk. Using a framework familiar to all auditors, the theory recognizes and categorizes the multitude of fraud schemes. The application of my fraud theory provides the necessary steps needed to, not only detect fraud specific to a situation, but that are indicative of the preventive actions to be taken.

The theory addresses the perpetrator’s role in committing the fraudulent act. The auditor is not required to think like a perpetrator of fraud, a useless act, but to be as creative and intuitive in their response to fraud, as the perpetrator is in their pursuit of carrying out a fraudulent act. The difference between right and wrong is simple; however, people complicate the difference, by what they choose to desire. Hopefully, this book will help the profession understand the important consequences of wrongdoing with regards to fraud, thereby, making the auditor better equipped to detect fraud, and, lastly, to confer an understanding of the detrimental consequences of fraud, not only to the individual making the choice to commit fraud, but to society as a whole.

About the Author

Leonard W. Vona is a financial investigator with more than thirty years of diversified auditing and forensic accounting experience, including a distinguished eighteen-year career in private industry. His firm advises clients in the areas of fraud litigation support, financial investigations, and fraud prevention. He has successfully conducted more than one hundred financial investigations. With his extensive trial experience, he is a qualified expert witness and has been cited in West Law for the successful use of circumstantial evidence.

Mr. Vona lectures on fraud topics both nationally and internationally. He regularly speaks at audit conferences, and he has developed the fraud training curriculum for the MIS Training Institute, an internationally recognized audit training organization. Having provided more than one thousand days of fraud training to organizations around the world, he has been a member of the faculties of the National Association of Fraud Examiners and at Rensselaer Polytechnic Institute’s Lally School of Management. In addition, Mr. Vona has written the training course on Auditor’s Responsibility for Detecting Fraud, SAS No. 99, used by CPA Societies across the nation.

A graduate of Siena College in Loudonville, New York, having received a Bachelor’s degree in accounting with honors, Mr. Vona is a Certified Public Accountant and a Certified Fraud Examiner. He was recognized by Arthur Anderson as one of the top 25 Audit Directors in North America. He is a member of the American Institute of Certified Public Accountants, the Association of Certified Fraud Examiners, and the Institute of Internal Auditors. He is a former President of the New York Capital Chapter of the Association of Government Accountants and the founding President of the Albany Chapter of Certified Fraud Examiners.

Acknowledgments

It is interesting to reflect on one’s career, and wonder how I could go from Rensselaer Boys Club to writing a book on a subject that has been a part of my life for over thirty years. Undoubtedly, a countless number of professionals have helped me in reaching this point in my career. However, most of the credit goes to the women in my life, who have helped establish the values that have guided me. My perseverance and work ethic, I learned from the example set by my mom, known as Peachy. Compassion, I learned from my grandmother Edith. My choices of right over wrong, I owe to my great-grandmother, Ethel. The shaping of the person I am today is the result of the seemingly endless patience and encouragement given to me by my wife, Pat.

A special thank you needs to be made to Joel Kramer, who provided me with the opportunity to speak about fraud. In addition, I want to thank the MIS Training Institute for providing me with a platform to present my ideas about fraud. I also thank my numerous students over the years, whose questions have helped me improve the articulation of my fraud theory. Lastly, I wish to express my appreciation to my administrative assistant, Melissa Daley, who always kept me organized throughout the writing of this book.

Also, I would like to thank my editor, Shek Cho, for encouraging me to write this book.

Leonard W. Vona

Chapter 1

Fraud Theory

Auditors today are at a crossroads regarding how to incorporate fraud detection into their audit plans. Sarbanes-Oxley, Public Company Accounting Oversight Board (PCAOB) regulators, and the professional standards of auditing are requiring auditors to give greater consideration to incorporating fraud detection into their audit plan. Companies’ boards of directors, management, and the public are asking why is fraud occurring and going undetected in our business systems. Auditors are asking themselves whether fraud can be detected when there is no predication or allegation of a specific fraud.

Traditionally, the auditing profession had two fundamental ways to deal with the fraud question:

Historically, the profession relied on evaluating the adequacy and effectiveness of internal controls to detect and deter fraud. Auditors would first document the system of internal controls. If internal controls were deemed adequate, the auditors would then test those controls to ensure they were operating as intended by management. The test of internal controls was based on testing a random, unbiased sample of transactions in the business system. Conventionally, audit standards stated that auditors should be alert to the red flags of fraud in the conduct of an audit. Study after study indicates that the lack of professional skepticism is a leading cause for audit failure in detecting fraud.

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!

Lesen Sie weiter in der vollständigen Ausgabe!