Theoretical background

Definition of corporate Fraud

Fraud essentially involves using deception to make a personal gain for oneself dishonestly and/or create a loss for another. Although definitions vary, most are based around these general themes. The term fraud commonly includes activities such as theft, corruption, conspiracy, embezzlement, money laundering, bribery and extortion.

Types of corporate frauds

There are many types of corporate fraud, including the following common frauds: Theft of cash, physical assets or confidential information Misuse of accounts Procurement fraud Payroll fraud Financial accounting misstatements Inappropriate journal vouchers Suspense accounting fraud Fraudulent expense claims False employment credentials Bribery and corruption.

Internal fraud: This refers to frauds which happen within the company and are in control of the company. There are three main categories of internal fraud that affect organizations. These are summarized in the following diagram:

(Adapted from page 8 of Fraud Risk Management: a guide to good practice)

Rahul Ranjan- Theoretical Background. Page 1

Why Do People Commit Fraud?

The Fraud Triangle model is useful in understanding the circumstances and rationale behind corporate fraud. 1. Opportunity The hard fact is that opportunity can sway even otherwise honest individuals in cases of fraud. When it comes to opportunity, potential fraudsters identify an opportunity to use/abuse their position of trust for personal gain and they believe they have a low risk of getting caught in the act. Weak internal controls, poor security, low likelihood of detection, and lack of policy enforcement provide clear opportunities for a fraud to be perpetrated. 2. Incentive / Motivation Need and greed are common incentives for committing fraud. When coupled with opportunity, the temptation can be all too great for some. Management or other employees may have an incentive or be under pressure, providing a motivation to commit fraud. According to the Association of Certified Fraud Examiners (ACFE) common pressures that lead to fraud include:

Inability to pay ones bills Drug or gambling addition Need to meet earnings to sustain investor confidence Need to meet productivity targets at work Desire for status symbols such as bigger house, nicer car, etc.

3. Attitude/Rationalization Those involved in a fraud may be able to rationalize a fraudulent act as being consistent with their personal code of ethics. Some individuals possess an attitude, character, or set of ethical values that allows them to knowingly and intentionally commit a dishonest act. Many fraudsters view themselves as ordinary people, not criminals, so it becomes easier to justify their acts. In committing fraud, employees will seek to justify their actions by using rationalizations such as, I didnt get that raise I was promised, or I work harder than anyone else, or They have so much money theyll never notice. Rationalizations are difficult to combat because each individual is likely to have unique reasons or justifications for their fraudulent actions. ACFE identifies these common rationalizations:

I was only borrowing the money. I was entitled to the money. I had to steal to provide for my family.
Page 2

Rahul Ranjan- Theoretical Background.

I was underpaid; my employer cheated me. My employer is dishonest to others and deserved to be fleeced.

What Is Financial Statement Fraud?

Association of Certified Fraud Examiners (ACFE) defines fraud as "deception or misrepresentation that an individual or entity makes knowing that the misrepresentation could result in some unauthorized benefit to the individual or to the entity or some other party." Greed and work pressure are the most common factors pushing management to deceive investors and creditors.

What is Earnings Management?

The use of accounting techniques to produce financial reports that may paint an overly positive picture of a company's business activities and financial position. Earnings Management takes advantage of how accounting rules can be applied and are legitimately flexible when companies can incur expenses and recognize revenue. It can be difficult to differentiate these allowable practices from earnings fraud or manipulation. Earnings management theoretically represents this gray area, but it is often used as a synonym for earnings manipulation or earnings fraud. Earnings management occurs when managers use judgments to purposefully alter operating results to mislead stakeholders into thinking the company is doing better than it really is or to gain a personal advantage. Various techniques can be used such as prematurely recognizing revenue, deliberately delaying expenses, changing estimates to inflate earnings, and improperly disclosing financial information. The motivation for earnings management can be to: Meet financial analysts' estimates of earnings that leads to performance-based compensation Raise the stock price thereby enhancing the value of stock options Smooth net income making it appear that the earnings are increasing at a steady rate Make it look as though future earnings are higher than they really are by establishing "cookie jar reserves" (inflated expenses) in the current year that can be drawn on in future years. Various techniques of earnings management are: Cookie jar reserve techniques- A normal feature of accrual based accounting is that management must estimate and record obligations that will be paid in the future as a result of

Rahul Ranjan- Theoretical Background.

Page 3

event or transaction in current period. Companies modify their estimates to boost their earnings. Common areas where Cookie jar reserve is created are: Estimating sales returns and allowances. Estimating bad debt write-offs. Estimating inventory write-downs. Estimating warranty costs. Estimating pension expenses. Estimating percentage of completion for long term projects.

Big bath technique: companies in order to remain competitive substantially restructure or eliminate operations or subsidiaries. The loss from implementing this change is reported as non-recurring charge against income. This is used in belief that if a bad news has to be reported, it is better to report all at once and get rid of it. Common Big bath techniques are: Operations restructuring. Troubled debt restructuring. Asset impairment and write down. Operations disposals. Big bet on future technique: This technique includes: Writing off in process research and development costs for the company acquired. Integrating the earnings of company acquired into corporate consolidated earnings. Flushing the investment portfolio: GAAP requires that these investments be classified into one of two portfolio categories, each with a different accounting treatment: 1. Trading securities. Any changes in the market value of these securities during a fiscal period, or actual gains or losses from sales, are reported in operating income. 2. Available-for-sale securities. Any change in market value during a fiscal period is reported in other comprehensive income components at the bottom of the income statement, not in operating income. When these securities are sold, however, any gain or loss is reported in operating income. This offers an opportunity for earnings management through the following techniques:

Timing sales of securities that have gained value. Timing sales of securities that have lost value.
Change of holding intent Write-down of impaired securities. Page 4

Rahul Ranjan- Theoretical Background.

Throw out a problem child technique: Exchange the stock in an equity method subsidiary. Spin off the subsidiary. Create a special-purpose entity (SPE) for financial assets. Sell the subsidiary.

Change in accounting practices: Improved expense recognition rule. Improved revenue recognition rules. Volunteering for a new accounting standard.

Amortization, depreciation and depletion:

Selecting the write-off method. Change to non-operating use. Estimating salvage value. Selecting the write-off period.

Sale and lease back and asset exchange techniques. These techniques impair the accuracy, reliability, and transparency of financial reports and can lead to dysfunctional decision making. The external auditors and the audit committee of the board of directors are responsible for ensuring that internal controls exist to support strong governance systems that prevent these financial abuses from occurring.

Financial Statement Fraud Red Flags

Financial statement red flags provide a general overview of the warning signs investors should take note of. They do not necessarily indicate an undoubted occurrence of financial statement fraud, but merely signal that further in-depth research must be conducted to assess the validity of the corporate documents. Creditors would find such information useful to ensure that loans are not provided to firms operating with an elevated amount of risk. Investors, on the other hand, may want to take note of the following factors to discover new opportunities. Government regulators, however, aim to catch and punish fraud to ensure the transparency and reliability of the financial markets.
Rahul Ranjan- Theoretical Background. Page 5

Five basic types of financial statement fraud exist:

fictitious sales improper expense recognition incorrect asset valuation hidden liabilities and unsuitable disclosures

Effectively spotting these fraudulent disclosures involves keeping an open eye for the most common financial statement fraud red flags:

Accounting anomalies, such as growing revenues without a corresponding growth in cash flows. Sales are much easier to manipulate than cash flow but the two should move more or less in tandem over time. Consistent sales growth while established competitors are experiencing periods of weak performance. Note that this may be due to efficient business operations rather than fraudulent activity. A rapid and unexplainable rise in the number of day's sales in receivables in addition to growing inventories. This suggests obsolete goods for which the firm records fictitious future sales. A significant surge in the company's performance within the final reporting period of fiscal year. The company may be under immense pressure to meet analysts' expectations. The company maintains consistent gross profit margins while its industry is facing pricing pressure. This can potentially indicate failure to recognize expenses or aggressive revenue recognition. A large buildup of fixed assets. An unexpected accumulation of fixed assets can flag the usage of operating expense capitalization, rather than expense recognition. Depreciation methods and estimates of assets' useful life that do not correspond to the overall industry. An overstated life of an asset will decrease the annual depreciation expense. A weak system of internal control. Strong corporate governance and internal controls processes minimize the likelihood that financial statement fraud will go unnoticed. Outsized frequency of complex related-party or third-party transactions, many of which do not add tangible value (can be used to conceal debt off the balance sheet).

Rahul Ranjan- Theoretical Background.

Page 6

The firm is on the brink of breaching their debt covenants. To avoid technical default, management may be forced to fraudulently adjust its leverage ratios. The auditor was replaced, resulting in a missed accounting period. Auditor replacement can signal a dysfunctional relationship while missed accounting period provides extra time to "fix" financials. A disproportionate amount of managements' compensation is derived from bonuses based on short term targets. This provides incentive to commit fraud. Something just feels off about the corporation's business model, financial statements or operations

An anti-fraud strategy
An effective anti-fraud strategy has four main components: Prevention Detection Deterrence

Response. The following diagram summarizes these components and the context within which an antifraud strategy sits:

(Adapted from page 25 of Fraud Risk Management: a guide to good practice)

Rahul Ranjan- Theoretical Background. Page 7

Fraud prevention There are two main elements to fraud prevention: 1. A sound ethical culture. 2. Sound internal control systems.

In order to establish a sound ethical culture an organization must have: 1. A mission statement that refers to quality or ethics and defines how the organization wants to be regarded externally. 2. Clear policy statements on business ethics and anti-fraud, with explanations about acceptable behavior in risk-prone circumstances. 3. Management which is seen to be committed through its actions. 4. Fraud risk training and awareness for all employees and key business partners. 5. A process of reminders about ethical and fraud policies, for example, an annual letter and/or declarations. 6. Periodic assessment of fraud risk. 7. A route through which suspected fraud can be reported. 8. An aggressive audit process which concentrates on fraud risk areas. Sound internal control systems An internal control system comprises all those policies and procedures that collectively support an organizations operation. Internal controls typically deal with approval and authorization processes, access restrictions, transaction controls, account reconciliations and physical security. These procedures often include the division of responsibilities, and checks and balances to reduce risk. The number and type of internal controls that an organization can introduce depends on its nature and size. Although fraud is prevalent across organizations of all sizes, sectors and locations, research shows that certain business models have greater levels of fraud risk than others. The control environment should be adjusted to fit with the degree of risk exposure. Where possible, internal controls should address warning signs and alerts to minimise fraud.

Rahul Ranjan- Theoretical Background.

Page 8

Fraud detection It will never be possible to eliminate all fraud. No system is completely fraud proof because many fraudsters can bypass the control systems put in place to stop them. However, if an organization pays greater attention to the most common indicators, this can provide early warning that something is wrong and increase the likelihood of discovering the fraudster. Fraud indicators fall into two categories: 1. Warning signs 2. Fraud alerts Warning signs Warning signs have been described as organizational indicators of fraud risk. Some examples are given below, categorized under the headings of business risk, financial risk, environmental risk and IT and data risk. Business risk Business risk can be indicated by the absence of an anti-fraud policy and culture, together with lack of staff management supervision. Bonus schemes linked to ambitious targets or directly to financial results can point to risky behavior. Unusual staff behavior patterns, for example, employees who do not take their annual leave allocation or who are unwilling to share duties, can also indicate business risk. Other warning signs include: Inadequate recruitment processes and no screening Lack of job segregation No independent checking of key transactions Inadequate access controls to physical assets and IT security systems Poor internal control documentation Large cash transactions.

Financial risk Significant pressures on management to obtain additional finance can indicate a financial risk. Other signs include the extensive use of tax havens without clear business justification, along with complex transactions or financial products.

Rahul Ranjan- Theoretical Background.

Page 9

Environmental risk This can occur when new accounting or other regulatory requirements are introduced. Highly competitive market conditions and decreasing profitability levels can also lead to environmental risk, as can significant changes in customer demand. IT and data risk Unauthorized access to systems gives rise to IT and data risk, as do rapid changes in information technology. Users sharing or displaying passwords is also highly risky. Fraud alerts Fraud alerts have been described as specific events, or red flags, which may indicate fraud. Some examples of fraud red flags are: Discrepancy between earnings and lifestyle Photocopied documents in place of originals Missing approvals or authorization signatures Extensive use of suspense accounts Inappropriate or unusual journal entries Above average number of failed login attempts.

Fraud detection tools and techniques Available tools and techniques for identifying possible fraudulent activity include: Ongoing risk assessment Trend analysis Data matching Exception reporting Internal audit Reporting mechanisms.

Fraud response An organizations approach to dealing with fraud should be clearly described in its fraud policy and fraud response plan. The plan is intended to provide procedures which allow for evidence gathering and collation. In summary, a fraud response plan should include information under the following headings:

Rahul Ranjan- Theoretical Background.

Page 10

Purpose of the fraud response plan Corporate policy Definition of fraud Roles and responsibilities The response The investigation Organizations objectives with respect to dealing with fraud Follow up action.

The fraud response plan should reiterate the organizations commitment to high legal, ethical and moral standards in all its activities, and its approach to dealing with those who fail to meet those standards. Organizations should be clear about how to enforce the rules or controls which are in place to counter fraud risks. They must also ensure that employees know how to report suspicious behavior. Reasonable steps for responding to detected or suspected instances of fraud include: Clear reporting mechanisms A thorough investigation Disciplining of the individuals responsible (internal, civil and/or criminal) Recovery of stolen funds or property Modification of the anti-fraud strategy to prevent similar behavior in future.

There are lessons to be learned from every identified fraud incident. The organizations willingness to learn from experience is as important as any other response. Organizations should examine the circumstances and conditions which allowed the fraud to occur, with a view to improving systems and procedures so that similar frauds do not occur in future. Fraud deterrence It is clear from the diagram above that the various elements of an effective anti-fraud strategy are closely interlinked. Each plays a significant role in combating fraud, with fraud deterrence at the centre. Fraud detection acts as a deterrent by sending a message to likely fraudsters that the organization is actively fighting fraud and that procedures are in place to identify any illegal activity. The possibility of being caught will often persuade a potential perpetrator not to commit a fraud. There should also be complementary detection to counter the fact that the prevention controls may be insufficient in some cases.

Rahul Ranjan- Theoretical Background.

Page 11

It is also important to have a consistent and comprehensive response to suspected and detected fraud incidents. This sends a message that fraud is taken seriously and that action will be taken against perpetrators. Each case that is detected and investigated should reinforce this deterrent and act as a form of fraud prevention.

Rahul Ranjan- Theoretical Background.

Page 12