Chapter 12:

Fraud Schemes &

Fraud Detection

IT Auditing & Assurance, 2e, Hall &

IT Auditing & Assurance,
Singleton2e, Hall & Singleton
 FRAUD TREE
 Asset misappropriation fraud
1. Stealing something of value – usually cash or inventory (i.e.,
asset theft)
2. Converting asset to usable form
3. Concealing the crime to avoid detection
4. Usually, perpetrator is an employee

 Financial fraud
1. Does not involve direct theft of assets
2. Often objective is to obtain higher stock price (i.e., financial fraud)
3. Typically involves misstating financial data to gain additional
compensation, promotion, or escape penalty for poor performance
4. Often escapes detection until irreparable harm has been done
5. Usually, perpetrator is executive management

 Corruption fraud
1. Bribery, etc.

IT Auditing & Assurance, 2e, Hall & Singleton

ACFE 2004 REPORT TO THE NATION

IT Auditing & Assurance, 2e, Hall & Singleton

 FRAUD SCHEMES
 Fraudulent financial statements {5%}
 Corruption {13%}
 Bribery
 Illegal gratuities
 Conflicts of interest
 Economic extortion
 Asset misappropriation {85%}
 Charges to expense accounts
 Lapping
 Kiting
 Transaction fraud
Percentages per ACFE 2002 Report to the Nation – see Table 12-1
IT Auditing & Assurance, 2e, Hall & Singleton
 COMPUTER FRAUD
SCHEMES
 Data Collection
 Data Processing
 Database Management
 Information Generation

IT Auditing & Assurance, 2e, Hall & Singleton

AUDITOR’S RESPONSIBILITY FOR
DETECTING FRAUD—SAS NO. 99
 Sarbanes-Oxley Act 2002
 SAS No. 99 – “Consideration of Fraud in a
Financial Statement Audit”
1. Description and characteristics of fraud
2. Professional skepticism
3. Engagement personnel discussion
4. Obtaining audit evidence and information
5. Identifying risks
6. Assessing the identified risks
7. Responding to the assessment
8. Evaluating audit evidence and information
9. Communicating possible fraud
10. Documenting consideration of fraud
IT Auditing & Assurance, 2e, Hall & Singleton
FRAUDULANT FINANCIAL
REPORTING
 Risk factors:
1. Management’s characteristics and
influence over the control environment
2. Industry conditions
3. Operating characteristics and financial
stability

IT Auditing & Assurance, 2e, Hall & Singleton

 FRAUDULANT FINANCIAL
REPORTING
 Common schemes:
 Improper revenue recognition
 Improper treatment of sales
 Improper asset valuation
 Improper deferral of costs and
expenses
 Improper recording of liabilities
 Inadequate disclosures

IT Auditing & Assurance, 2e, Hall & Singleton

 MISAPPROPRIATION OF
ASSETS
 Risk factors:
1. Susceptibility of assets to
misappropriation
2. Controls

IT Auditing & Assurance, 2e, Hall & Singleton

 MISAPPROPRIATION OF
ASSETS
 Common schemes:
 Personal purchases
 Ghost employees
 Fictitious expenses
 Altered payee
 Pass-through vendors
 Theft of cash (or inventory)
 Lapping

IT Auditing & Assurance, 2e, Hall & Singleton

ACFE 2004 REPORT TO THE NATION

IT Auditing & Assurance, 2e, Hall & Singleton

AUDITOR’S RESPONSE TO RISK
ASSESSMENT
 Engagement staffing and extent of
supervision
 Professional skepticism
 Nature, timing, extent of procedures
performed

IT Auditing & Assurance, 2e, Hall & Singleton

AUDITOR’S RESPONSE TO DETECTED
MISSTATEMENTS DUE TO FRAUD
 If no material effect:
 Refer matter to appropriate level of management
 Ensure implications to other aspects of the audit
have been adequately addressed
 If effect is material or undeterminable:
 Consider implications for other aspects of the audit
 Discuss the matter with senior management and
audit committee
 Attempt to determine if material effect
 Suggest client consult with legal counsel

IT Auditing & Assurance, 2e, Hall & Singleton

AUDITOR’S DOCUMENTATION
 Document in the working papers
criteria used for assessing fraud risk
factors:
1. Those risk factors identified
2. Auditor’s response to them

IT Auditing & Assurance, 2e, Hall & Singleton

FRAUD DETECTION TECHNIQUES
USING ACL

 Payments to fictitious vendors

 Sequential invoice numbers
 Vendors with P.O. boxes
 Vendors with employee address
 Multiple company with same address
 Invoice amounts slightly below review
threshold

IT Auditing & Assurance, 2e, Hall & Singleton

FRAUD DETECTION TECHNIQUES
USING ACL

 Payroll fraud
 Test for excessive hours worked
 Test for duplicate payments
 Tests for non-existent employee

IT Auditing & Assurance, 2e, Hall & Singleton

FRAUD DETECTION TECHNIQUES
USING ACL

 Lapping A.R.

 Balance forward method

 Open invoice method

IT Auditing & Assurance, 2e, Hall & Singleton

 Chapter 12:
Fraud Schemes &
Fraud Detection

IT Auditing & Assurance, 2e, Hall &

IT Auditing & Assurance,
Singleton 2e, Hall & Singleton