Forensic and Investigative Accounting

Chapter 4
Detecting Fraud in Financial
Reporting

© 2013 CCH Incorporated. All Rights Reserved.

4025 W. Peterson Ave.
Chicago, IL 60646-6085
800 248 3248
CCHGroup.com
 Court-Appointed Trustee
Forensic accountants are being used by the court – appointed trustees (Irving Picard and
Securities Investor Protection Corporation) to reconstruct the books of Bernard L.
Madoff Investment Securities (BLMIS). According to Picard, there were paper records,
microfilm, and microfiche. But there was nothing that was electronic.

Every customer statement was fiction, so the first task is to reconstruct the books and
records of BLMIS. One of the early projects was to digitize the records so they are
easier to compare, including customer statements, incoming letters, faxes, and bank
records. The forensic accountant will use records from third parties and customers.
Every customer account must be reconstructed from the ground up.

Stephen Harbeck, President of Securities Investor Protection Corporation, stated that

the forensic accountants “are working as quickly as possible to catalog all the far-
reaching aspects of the Madoff scheme and to recover money for investors to the extent
possible by law.” The cost of the Ponzi scheme may be as high as $65 billion.

Source: WebCPA staff, Forensic Accountants Reconstruct Madoff Books, May 15, 2009.
http://www.webcpa.com/news/Forensic-Accountants-Reconstruct-Madoff-Books-50484-1.html
Chapter 4 Forensic and Investigative Accounting 2
PCAOB Guidance: Smaller Public Companies
1. Scaling the Audit for Smaller, Less Complex Companies.
2. Evaluating Entity-Level Controls.
3. Assessing the Risk of Management Override and
Evaluating Mitigating Actions.
4. Evaluating Segregation of Duties and Alternative
Controls.
5. Auditing Information Technology Controls in a Less
Complex IT Environment.
6. Considering Financial Reporting Competencies and Their
Effect on Internal Control.
7. Obtaining Sufficient Competent Evidence When the
Company Has Less Formal Documentation.
8. Auditing Smaller, Less Complex Companies with
Pervasive Control Deficiencies.
Chapter 4 Forensic and Investigative Accounting 3
 Entity-Level Controls

 Controls related to the control environment.

 Controls over management override; the company's risk
assessment process.
 Centralized processing and controls, including shared service
environments.
 Controls to monitor results of operations.
 Controls to monitor other controls, including activities of the audit
committee and self-assessment programs.
 Controls over the period-end financial reporting process.
 Policies that address significant business control and risk
management practices.
Source: PCAOB, October 17, 2007, pp. 12.

Chapter 4 Forensic and Investigative Accounting 4

 Definition of Fraud

Four major legal elements of fraud would be:

 A false representation or willful omission
regarding a material fact.
 The fraudster knew the representation was
false.
 The target relied on this misappropriation.
 The victim suffered damages or incurred a
loss.
Chapter 4 Forensic and Investigative Accounting 5
 PWC 2009 Global Economic Crime
Survey
Types of economic crimes with percentages:
 Asset misappropriation 67%
 Accounting fraud 38%
 Bribery and corruption 27%
 IP infringement 15%
 Money laundering 12%
 Tax fraud 5%
 Illegal insider trading 4%
 Market fraud involving cartels colluding to fix prices 3%
 Espionage 3%

Chapter 4 Forensic and Investigative Accounting 6

 Audit Procedures
Audit evidence is gathered in two fieldwork
stages:
1. Internal control testing phase.
2. Account balance testing phase.

Chapter 4 Forensic and Investigative Accounting 7

 Definitions
 Materiality is the measure of whether
something is significant enough to change an
investor’s investment decision.
 Control risk is risk that a material error in the
balance or transaction class will not be
prevented or detected.

Chapter 4 Forensic and Investigative Accounting 8

 Definitions

 Inherent risk is risk that an account or

transactions contain material misstatements
before the effects of the controls.
 Detection risk is risk that audit procedures
will not turn up material error when it
exists.

Chapter 4 Forensic and Investigative Accounting 9

External Auditors and Fraud Detection

Although auditors have previously had the

responsibility to detect material misstatement
caused by fraud, SAS No. 82 details more
precisely what is required to fulfill those
responsibilities.
(continued on next slide)

Chapter 4 Forensic and Investigative Accounting 10

External Auditors and Fraud Detection

Now, auditors must specifically assess and

respond to the risk of material misstatement
due to fraud and must assess that risk from the
perspective of the broad categories in the
SAS. External auditors have to satisfy new
documentation and communication
requirements. SAS No. 82 superseded by SAS
No. 99.

Chapter 4 Forensic and Investigative Accounting 11

Fraudulent financial reporting may occur by the
following:
 Manipulation, falsification, or alteration of
accounting records, or supporting documents from
which financial statements are prepared.
 Misrepresentation in or intentional omission from the
financial statements of events, transactions, or other
significant information.
 Intentional misapplication of accounting principles
relating to amounts, classification, manner of
presentation, or disclosure.

Source: SAS No. 99, “Consideration of Fraud in a Financial Statement Audit,” New York:
AICPA

Chapter 4 Forensic and Investigative Accounting 12

SAS No. 99 Ways to Overcome the Risk of
Management Override of Controls
 Examining journal entries and other
adjustments.
 Reviewing accounting estimates for bias,
including a retrospective review of significant
management estimates.
 Evaluating the business rationale for significant
unusual transactions.

Chapter 4 Forensic and Investigative Accounting 13

How Management Overrides Controls (SAS
No. 99)

 Recording fictitious journal entries

(especially near end of quarter or year).
 Intentionally biasing assumptions and
judgments used to estimate accounts (e.g.,
pension plan assumptions or bad debt
allowances).
 Altering records and terms related to
important and unusual transactions.

Chapter 4 Forensic and Investigative Accounting 14

 Think Like A Crook
 Know your enemy as you know yourself, and you can fight a
hundred battles with no danger of defeat.” Chinese Proverb.
 Military leaders study past battles.
 Football and basketball teams study game films of their
opponents.
 Chess players try to anticipate the moves of their opponent.

Examples: If contracts above $40,000 are normally audited each

year, check the contracts between $30,000-$40,000.

 FAs must learn the tricks of the trade as well as the trade.

Chapter 4 Forensic and Investigative Accounting 15

 SAS No. 99 Recommendations

 Brainstorming
 Increased emphasis on professional
skepticism.
 Discussions with management.
 Unpredictable audit tests.
 Responding to management override of
controls.

Chapter 4 Forensic and Investigative Accounting 16

 SAS No. 99: Skepticism
 An auditor is instructed to conduct an audit
“with a questioning mind that recognizes
the possibility that a material misstatement
due to fraud could be present, regardless of
any past experience with the entity and
regardless of the auditor’s belief about
management’s honesty and integrity.”
 FA’s motto should be “Trust no one;
question everything; verify.”

Chapter 4 Forensic and Investigative Accounting 17

 Public Company Accounting
Oversight Board (PCAOB)
 The Sarbanes-Oxley Act of 2002 created a
new, five-member oversight group called the
PCAOB.
 The PCAOB is empowered to set accounting
standards that establish auditing, quality
control, and ethical standards for accountants.
(continued on next slide)

Chapter 4 Forensic and Investigative Accounting 18

 Public Company Accounting
Oversight Board (PCAOB)

 The PCAOB is also empowered to adopt or

amend standards issued or recommended by
private accounting industry groups or to
adopt its own standards independent of such
private industry standards or
recommendations.

Chapter 4 Forensic and Investigative Accounting 19

 Walkthroughs
 According to the PCAOB, in a walkthrough, an
auditor traces “company transactions and events
– both those that are routine and recurring and
those that are unusual – from origination,
through the company’s accounting and
information systems and financial report
preparation processes, to their being reported in
the company’s financial statements.”

Source: PCAOB Briefing Paper, Proposed Auditing Standards, October 7, 2003.

Chapter 4 Forensic and Investigative Accounting 20

Internal Auditors and Fraud Detection

The Institute of Internal Auditors’ Due

Professional Care Standard (Section 280)
assigns the internal auditor the task of assisting
in the control of fraud by examining and
evaluating the adequacy and effectiveness of the
internal control system.
(continued on next slide)

Chapter 4 Forensic and Investigative Accounting 21

Internal Auditors and Fraud Detection
However, Section 280 says that management
has the primary responsibility for the
deterrence of fraud, and management is
responsible for establishing and maintaining
the control systems.
In general, internal auditors are more
concerned with employee fraud than with
management and other external fraud.

Chapter 4 Forensic and Investigative Accounting 22

 When Fraud Is Discovered
1. Notify management or the board when the
incidence of significant fraud has been
established to a reasonable certainty.
2. If the results of a fraud investigation indicate
that previously undiscovered fraud materially
adversely affected previous financial
statements, for one or more years, the internal
auditor should inform appropriate management
and the audit committee of the board of
directors of the discovery.
(continued on next slide)
Chapter 4 Forensic and Investigative Accounting 23
 When Fraud Is Discovered
3. A written report should include all findings,
conclusions, recommendations, and
corrective actions taken.
4. A draft of the written report should be
submitted to legal counsel for review,
especially where the internal auditor chooses
to invoke client privilege.

Chapter 4 Forensic and Investigative Accounting 24

 Audit Committee

The audit committee is the subcommittee of

an organization’s board of directors charged
with overseeing the organization’s financial
reporting and internal control processes. The
audit committee’s biggest responsibility is
monitoring the component parts of the audit
process.

Chapter 4 Forensic and Investigative Accounting 25

 Management’s Role

The Sarbanes-Oxley Act of 2002 mandates

that CEOs and CFOs certify in periodic
reports containing financial statements filed
with the SEC the appropriateness of financial
statements and disclosures.

Chapter 4 Forensic and Investigative Accounting 26

 Board of Directors’ Role
 Oversee the integrity, quality, transparency,
and reliability of the financial reporting
process.
 Oversee the adequacy and effectiveness of
the internal control structure in preventing,
detecting, and correcting material
misstatements in the financial statements.
 Oversee the effectiveness, efficacy, and
objectivity of audit functions.
Chapter 4 Forensic and Investigative Accounting 27
 Enter the Forensic Accountant
Forensic accountants may be brought in to:
– Investigate the minute any irregularities
surface.
– Measure risk factors and create policy that
brings the forensic accountant in when
certain scores are attained.
– Check in randomly as a matter of routine.

Chapter 4 Forensic and Investigative Accounting 28

 Audit Tests

The Panel on Audit Effectiveness recommended

that surprise or unpredictable elements should be
incorporated into audit tests, including:
– Recounts of inventory and unannounced visits
to locations.
– Interviews of financial and nonfinancial client
personnel in different locations.
(continued on next slide)

Chapter 4 Forensic and Investigative Accounting 29

 Auditing Hints
 SAS No. 99 does not require auditors to make inquiries of
“others,” as opposed to management. Auditors must talk to and
interview others below management level. If asked, employees
may be willing to report suspicious activities.
 Use independent sources for evaluating management (e.g.,
financial analysts). Surf the internet.
 Auditors need to follow the performance history of managers and
directors.
 If a company has an anonymous reporting system, obtain
information about the incidents reported and consider them
when assessing fraud risk.
(continued on next slide)

Chapter 4 Forensic and Investigative Accounting 30

 Auditing Hints
 Be sure to perform analytical procedures, and the work should be
reviewed by senior members of the audit team.
 Auditors should select sample items below their normal
testing scope (e.g., HealthSouth).
 Fraud procedures should be more than checklists. Audits
should focus on finding and detecting fraud.
 Ask for and review all “top drawer” entries.
 Ask for and review all side agreements.
 Look for hockey stick patterns.

Chapter 4 Forensic and Investigative Accounting 31

 Audit Tests
– Requests for written confirmations from
client employees regarding matters about
which they have made representations to the
auditors.
– Tests of accounts not normally performed
annually.
– Tests of accounts traditionally or frequently
deemed “low risk.”

Chapter 4 Forensic and Investigative Accounting 32

 Financial Statement Fraud
Categories and Red Flags
 Overstated revenues.
 Management estimates.
 Pro formas can mislead.
 Earnings problems: masking reduced cash flow.
 Earnings before interest, tax, depreciation, and
amortization (EBITDA).
 Excessive debt.
 Inventory problems.

Chapter 4 Forensic and Investigative Accounting 33

 Cooking-the-Books Often Collaborative Effort
• For restatements between January 1, 1997 to June 30, 2002, 45%
were accused of securities fraud and subject to shareholder suits.

• Average of 7 individuals were implicated, including

CEOs
CFOs
COOs
General counsel
Directors
Internal/external auditors

Source: Robert Tillman and Michael Indergaard, Control Overrides in Financial Statement
Fraud.
Chapter 4 Forensic and Investigative Accounting 34
 WorldCom Fraud Massive
 At least 40 people knew about the fraud.
 They were afraid to talk.
 Scott Sullivan handed out $10,000 checks to 7 involved
individuals.
 Altered key documents and denied Andersen access to
the database where most of the sensitive numbers were
stored.
 Andersen did not complain about denied access.
 Company officials decided what tax rates they wanted and
then used the reserves to arrive at the tax rates.

Source: Rebecca Blumenstein and Susan Pullian, “WorldCom Fraud

Was Widespread,” Wall Street J., June 10, 2003, p. 3.
Chapter 4 Forensic and Investigative Accounting 35
 Financial Statement Fraud
Categories and Red Flags
 CPA problems.
 Sales and expenses problems.
 Big bath.
 Balance sheet account problems.
 Pension plan problems.
 Reserve estimates (cookie jar accounting).
 Personal piggy bank.
 Barter deals.

Chapter 4 Forensic and Investigative Accounting 36

 HealthSouth
 From 1999 to 2001, HealthSouth’s net income
increased nearly 500 percent, but revenue grew
only five percent.
 On March 19, 2003, the SEC said that
HealthSouth faked at least $1.4 billion in profit
since 1999.
 Professional fees associated with the
reconstruction of HealthSouth’s financial records
and restatement of 2001 and 2002 consolidated
financial statements totaled over $270 million.

Chapter 4 Forensic and Investigative Accounting 37

 Financial Fraud Detection Tools

 Interviewing the executives.

 Analytics.
 Percentage analysis:
– Horizontal analysis.
– Vertical analysis.
– Ratio analysis.

Chapter 4 Forensic and Investigative Accounting 38

 Financial Fraud Detection Tools

 Using checklists to help detect fraud:

– SAS checklist.
– Attitudes/Rationalizations checklist.
– Audit test activities checklist.
– Miscellaneous fraud indicator checklist.

Chapter 4 Forensic and Investigative Accounting 39

 Behavioral Approaches

 Some fraud schemes cannot be effectively

detected using data-driven approaches.
Instead, behavioral considerations may help
an auditor find fraud. Employee attitudes,
feelings, values, norms, interaction with
peers, and general satisfaction should all be
considered when looking for fraud.

Chapter 4 Forensic and Investigative Accounting 40

 Federal Sentencing Guidelines
Federal Sentencing Guidelines were adopted in 1984 to emphasize fairness,
consistency, punishment, incapacitation, and deterrence in sentencing. This
mandatory sentencing regime was in place until the Supreme Court in 20041 and
20052 converted the guidelines to advisory status, stating that these guidelines
violated the Sixth Amendment. District court judges are now required only to
consider guideline ranges.

Under the sentencing guidelines the base offense level is determined for a specific
offense.3 For example, the basic offense level for larceny, embezzlement, and
other forms of theft is 6 where the loss is $5,000 or less. However, if the loss is
more than $2.5 million, add 18 to the 6. Other adjustments are made for victim,
role, obstruction of justice, multiple counts, and defendant’s criminal history.
Negative adjustments can be made for accepting responsibility.4
(continued on next slide)

Chapter 4 Forensic and Investigative Accounting 41

 Federal Sentencing Guidelines
If an individual has an offense level of 16 and falls into the first criminal
history category, the guideline sentence is 21 to 27 months. If, however, the
criminal history category is 5, the guideline prison sentence is 41-51 months.

A Department of Justice Fact Sheet dated March 15, 2006 said that as a result of
the Booker decision, the fairness, consistency, predictability, and accountability
that were the hallmarks of the mandatory guidelines are in serious jeopardy as a
result of a decline in compliance with the guidelines. Within one year the
number of sentences imposed within the guidelines has dropped 62.2 percent.5

1 U.S. v. Blakely, 542 U.S. 296 (2004).

2 U.S. v. Booker, 543 U.S. 220 (2005).
3 U.S. Sentencing Commission, Guideline Manual, §3E1.1 (November 2008), p.16.

4 Ibid., p. 395.

5 Department of Justice, Fact Sheet: The Impact of United States v. Booker on Federal Sentencing,

March 15, 2006.

Chapter 4 Forensic and Investigative Accounting 42

 Effective Ethics and Compliance
Program
If a company has an effective ethics and
compliance program (i.e., internal audit
department), 3 offense points are deducted
from the total score. So if the total score is 29
before the reduction of 3 points, the fine
would be $ 8.1 million; whereas a score of 26
results in a fine of only $ 3.7 million.

Chapter 4 Forensic and Investigative Accounting 43

 Accounts Payable Fraud Red Flags
1. Duplicate payments (2% of total purchases)
$80 million times 2% = $1.6 million loss.
– Extract only the numerical digits of an invoice number and match on only the
numbers portion of the invoice.
– Try identifying the dates that are similar such as dates that are less than 14 days.
– Try matching on the absolute value of the amount.
2. Rounded-amount invoices.
3. Invoices just below approval amounts.
4. Abnormal invoice volume activity (two invoices one month and 60 the next).
5. Vendors with sequential invoice numbers.
LC 0002, LC 0003, LC 0004
6. Above average payments per vendor.

C. Warner and B. G. Dubinsky, “Uncovering Accounts Payable Fraud,” Fraud Magazine,

July/ August 2006, pp. 29-51.

Chapter 4 Forensic and Investigative Accounting 44

 Interview Room Layout

Chapter 4 Forensic and Investigative Accounting 45

 Room Layout with Witness

Chapter 4 Forensic and Investigative Accounting 46

 F. E. Inbau’s Hints for Interviewing
 Establish a sense of privacy
 No locks or physical impediments
 Room plain color (e.g. no pictures, etc.)
 Lighting should provide good, but not excessive or glaring
illumination of interviewee’s face. Same for interviewer.
 No telephones, cell phones, or beepers.
 Chairs about 4 feet apart. Straight-back. No rollers. Facing each other.
 Both chairs at the same level (both at same eye level).
 Observation room arrangement if possible (or video). Record it, no
video.
 In case of a female, another female should be present.
 Not at suspect’s home or office
 No bad breath odor.
F.E. Inbau, “Essentials of the Reid Technique: Criminal Interrogation and Confessions,” Sudbury, MA: Jones & Bartlett
Publishers, 2005, pp. 28-33.

Chapter 4 Forensic and Investigative Accounting 47

 UpJohn Warning
 During interviews where illegal behavior is suspected and an
attorney is present, a proper Upjohn warning is appropriate (or
corporate Miranda).

 The attorney should tell the employee that the attorney

represents the company and not the employee.

 Employee should be clearly told that the attorney-client

privilege belongs to the company (and not to the employee).

 Interview notes should state that the UpJohn warning was given.

Chapter 4 Forensic and Investigative Accounting 48

 Clawback Provisions
 Allows companies to recoup excessive compensation in
the event there is an accounting overstatement.
 The Dodd-Frank Wall Street Reform and Consumer
Protection Act of 2012 directs the SEC to require listed
companies to adopt two key recovery policies:
– Companies must disclose any clawback policies for any
compensation-based incentives that were paid out based on any
erroneous financial information reported under the securities rules.
– Companies must seek recoupment from any current or former
executive officer of any incentive-based compensation paid during
the three-year period preceding the date that the corporation is
required to prepare an accounting restatement that was based on
any erroneous data.
Chapter 4 Forensic and Investigative Accounting 49